News Stay informed about the latest enterprise technology news and product updates.

Adobe fixes 29 flaws in Acrobat, Reader

Critical Adobe flaws could cause the applications to crash, enable an attacker to take full control of a victim's machine.

Adobe Systems Inc. issued an update Tuesday, repairing nearly 30 flaws identified as critical, as part of its quarterly...

update. Adobe warned that one flaw is being actively targeted by attackers.
To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

Adobe Reader 9.2 and Acrobat 9.2 fix vulnerabilities that if exploited by an attacker, could cause the application to crash or allow an attacker to run malicious code and gain access to critical system files.

The Adobe update fixes errors in Adobe Reader and Acrobat 9.1.3 and Acrobat 8.1.6 for Windows, Macintosh and UNIX. Security vendors have warned that malicious PDF files were targeting an unpatched heap overflow vulnerability.

According to the Adobe October Security Bulletin, the update resolves multiple heap-based buffer overflow conditions, memory corruption issues and input validation errors that could lead to code execution. An input validation issue specific to an ActiveX control could lead to a denial-of-service (DoS) attack, Adobe said.

The update fixes an error with a third party Web download product that Adobe Reader uses, which could be exploited by an attacker to escalate local privileges. A cross-site scripting (XSS) issue has also been addressed in a browser plugin for the Google Chrome and Opera browsers.

Dig Deeper on Productivity apps and messaging security

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.