Adobe Releases Security Updates for Reader, Acrobat

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Adobe Systems recently released versions 10.1.3 and 9.5.1 of its Adobe Reader and Adobe Acrobat applications. "These updates address vulnerabilities in the software that could cause the application to crash and potentially allow an attacker to take control of the affected system," the company stated in a security bulletin.

"These include memory corruption in the JavaScript API and JavaScript handling, an integer overflow in the True Type Font (TTF) handling and a security bypass via the Adobe Reader installer, all of which could lead to arbitrary code execution," The H Security reports.

"The company also announced that Adobe Reader 9.5.1 no longer includes authplay.dll, a Flash Player library that was bundled with previous versions of the program to enable the rendering of Flash content embedded in PDF documents," writes Computerworld's Lucian Constantin. "The presence of the authplay.dll component in Adobe Reader has caused some security issues in the past, primarily because of the inconsistent update schedules for Adobe Reader and Flash Player."

"In addition to fixing security flaws, the Reader and Acrobat updates address problems with loading their accompanying Web plug-ins in Safari under 64-bit mode (the default mode for current and recent versions of Safari)," notes CNET's Topher Kessler.