ExTS Admin Starbuck Posted February 10, 2011 ExTS Admin Posted February 10, 2011 First fixes for flaws in Reader X Adobe yesterday patched 29 vulnerabilities in Reader, it's PDF viewer, and 13 more in Flash, the popular Web media browser plug-in, as part of an even larger quarterly security update. It was the first time that Adobe patched Reader X, the upgrade it issued last November that includes a "sandbox" anti-exploit technology in the Windows version. Nearly all the Reader bugs were rated "critical," meaning that they could be exploited by attackers to plant malware on an unpatched system, although for several, Adobe wasn't certain that remote code execution was possible. Two of the 29 could lead to cross-site scripting (XSS) attacks, a common tactic by identity thieves who target browsers. Hackers could exploit one of the vulnerabilities -- a Windows-only flaw -- to gain additional privileges on a machine. Almost half of the bugs were in Reader's font-, image- or 3-D file-parsing code, Adobe said in the advisory issued on Tuesday. The updates brought Reader to versions 8.2.6, 9.4.2, an 10.0.1 for Windows and Mac OS X. Linux users must wait until Feb. 28, however, when Adobe will follow with fixes for the Reader edition that works on that operating system. All but three of the bugs affected Reader X, the upgrade Adobe launched to some fanfare three months ago. Adobe recommends users update their software installations by following the instructions below: Adobe Reader Users on Windows and Macintosh can utilize the product's update mechanism. The default configuration is set to run automatic update checks on a regular schedule. Update checks can be manually activated by choosing Help > Check for Updates. Adobe Reader users on Windows can also find the appropriate update here: Adobe - Adobe Reader : For Windows. Adobe Reader users on Macintosh can also find the appropriate update here: Adobe - Adobe Reader : For Macintosh. An update for Adobe Reader users on UNIX is expected to be available by the week of February 28, 2011. Adobe Acrobat Users can utilize the product's update mechanism. The default configuration is set to run automatic update checks on a regular schedule. Update checks can be manually activated by choosing Help > Check for Updates. Acrobat Standard and Pro users on Windows can also find the appropriate update here: Adobe - Acrobat : For Windows. Acrobat Pro Extended users on Windows can also find the appropriate update here: Adobe - Acrobat 9 Pro Extended : For Windows. Acrobat 3D users on Windows can also find the appropriate update here: Adobe - Acrobat 3D : For Windows. Acrobat Pro users on Macintosh can also find the appropriate update here: Adobe - Acrobat : For Macintosh. Source: Adobe patches 42 bugs in Reader, Flash Quote Member of:UNITE
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.