Adobe fix plugs dangerous attack holes in Reader, Acrobat Staff

Adobe Systems Inc. issued a massive update Tuesday, repairing nearly two dozen vulnerabilities to its Reader and Acrobat software, including a zero-day flaw that attackers are targeting in the wild.

The Adobe fix

    Requires Free Membership to View

was issued a week ahead of its regular quarterly patch release for Reader and Acrobat to address a dangerous Flash Player vulnerability that it fixed Sept. 20. The hole also affects the Flash components in Reader and Acrobat. In a security bulletin addressing the flaw Adobe said it was aware of ongoing attacks against those programs.

The critical flaw enables an attacker to remotely cause Flash Player to crash and execute malicious code to take control of a victim's machine. The Flash Player hole surfaced in September when exploits were made widely available.

In addition, 22 other vulnerabilities were repaired with Tuesday's release. Adobe also fixed a second critical vulnerability, which affects Flash, Reader and Acrobat and could be used by an attacker to crash the applications and gain control of a victim's machine. Adobe said it was unaware of any active attacks targeting that hole.

Adobe urges users of Adobe Reader and Acrobat 9.3.4 and earlier or Adobe Reader and Acrobat 8.2.4 or earlier for Windows and Macintosh to upgrade to the latest versions. Adobe Reader and Acrobat for UNIX systems are also affected by the update.

Adobe said the next quarterly security updates for Adobe Reader and Acrobat are scheduled for Feb. 8, 2011.

~Robert Westervelt

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: