Adobe Shores Up Security Holes in Reader, Acrobat
The updates fix more than a dozen known exploits, including a PDF vulnerability that hackers were using to usurp control of users' computers.
Adobe Systems this week released another round of updates to its popular Reader and Acrobat applications that it says will lock down a total of 17 security vulnerabilities that put users' computers and data at risk.
Adobe, which warned users of the exploits earlier this month, said the new updates are for Reader 9.3.2 for Windows, Mac and Unix, Acrobat 9.3.2 for Windows and Mac and Reader 8.2.2 and Acrobat 8.2.2. for Windows and Mac.
Earlier this month, Adobe (NASDAQ: ADBE) released a patch for its Flash Player software to resolve a security flaw for Web browsers that caused the plugin to crash and gave hackers access to users' PCs.
This latest round of fixes includes one for a PDF vulnerability that used the "/launch" functionality on infected PCs to give hackers control of the computers.
"We added functionality to block any attempts to launch an executable or other harmful objects by default," Steve Gottwals, a group product manager at Adobe, wrote in a blog post Tuesday. "We also altered the way the existing warning dialog works to thwart the known social engineering attacks."
Adobe had originally planned to release the updates on July 13 as part of its regular update cycle. The company's security updater service, which pushes security advisories and updates to consumers and businesses on a scheduled basis, has been in operation since April.
However, owing to this week's new update, the next batch of security updates will now be released on Oct. 12 -- unless of course there's a flurry of serious security exploits discovered in the interim.