Adobe has released updates for its popular Reader and Acrobat software that fix 17 separate vulnerabilities including one that could enable hackers to take control of a user’s PC.
Adobe Reader and Acrobat 9.3.3 and 8.2.3 is an accelerated quarterly release originally slated for 13 July, fixing a number of issues that the firm has already disclosed. The next quarterly update is scheduled for 12 October.
One of the flaws, already being exploited in the wild, relates to the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and Unix and could cause a crash and potentially allow an attacker to take control of the affected system.
Another fix mitigates a social engineering attack that could lead to code execution, according to Adobe. This flaw was first disclosed in March and takes advantage of PDF "/launch" functionality.
“Today's update includes changes to resolve the misuse of this command,” wrote Adobe product manager Steve Gottwals in a blog post.
“We added functionality to block any attempts to launch an executable or other harmful objects by default. We also altered the way the existing warning dialog works to thwart the known social engineering attacks.”
Adobe fills 17 Reader and Acrobat holes
By
Phil Muncaster
on
Jul 1, 2010 7:04AM
Software firm accelerates patch cycle to address critical flaws.
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Partner Content
Better regulation needed to drive trust in AI: KPMG
Partner Content
Australia has the brains for digital government – but does it have the brawn?
.jpg&h=140&w=231&c=1&s=0)
Partner Content
AI’s inexorable rise (will it eat your job?)
.png&h=140&w=231&c=1&s=0)
Partner Content
It's time to clean up the conference room
Sponsored Whitepapers
Responding To Industry Trends And Our 5m+ Users
The Future of Digital Identity in Government
Secure Public Services for Every Australian
7½ Questions for Aged Care's Digital Decisions
Creating the Sustainable IT Department
