Adobe issues security update repairing Flash Player, Reader X flaws

Adobe addressed more than a dozen vulnerabilities in Flash Player and more than two dozen holes in Adobe Reader and Acrobat.

Adobe Systems Inc. issued its quarterly security updates Tuesday, repairing a bevy of serious flaws in Flash Player and in Adobe Reader and Acrobat. The patches also included an Adobe Reader X update, repairing holes in the newly security-tuned PDF viewing software.

These vulnerabilities could cause the application to crash and potentially allow an attacker to take control of the affected system.

Adobe Systems Inc.,

The software maker issued Adobe Flash Player 10.2.152.26, repairing more than a dozen critical vulnerabilities. Many of the Flash Player vulnerabilities include memory corruption errors that could be exploited by an attacker to gain access to a machine and execute code remotely.

Several of the vulnerabilities were reported through VeriSign Inc.'s iDefense Labs, including one flaw, which was among others that could be used in drive-by attacks. An attacker can inject malicious code in a webpage to exploit the error and gain the same privileges as the user.

Adobe also addressed critical holes identified in Adobe Shockwave Player 11.5.9.615 and earlier versions.

In addition, Adobe issued a critical security update, repairing more than two dozen vulnerabilities in its Adobe Reader and Acrobat PDF viewing software. The update affects Adobe Reader X running on Windows and Macintosh, Adobe Reader 9.4.1 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat X and earlier versions for Windows and Macintosh.

"These vulnerabilities could cause the application to crash and potentially allow an attacker to take control of the affected system," Adobe said in its advisory.

Adobe Reader and Acrobat X are the company's highly touted applications that are configured to run in a sandbox to isolate the software from running OS processes. The new software makes it more difficult for cybercriminals to pull off a successful attack. The "risk for Adobe Reader X users is significantly lower as none of these issues bypass Protected Mode mitigations," Adobe said.

Dig deeper on Security patch management and Windows Patch Tuesday news

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close