Jump to content

Community Zone
Recent Forum Topics
MSFN Guides
Mobile News

MSFN Recommend
AskVG.com Bink Filehorse FreewareFiles Where unprofessional journalism looks better OSNN The Windows Club WinBeta lunarsoft
MSFN Statistics

Windows News
Adobe issues slew of patches for its software

Adobe on Tuesday released its quarterly security update, fixing dozens of vulnerabilities, including 29 flaws in its popular PDF viewing software Reader and Acrobat and 13 in Flash Player.

The Reader and Acrobat flaws, most of which were classified as "critical," could cause the application to crash or allow an attacker to take control of the affected system, Adobe said in its security bulletin. Many of the flaws were input validation or library loading issues that could lead to code execution. Several others were described as memory corruption or denial-of-service vulnerabilities that could allow the execution of code.

This marks the first time the software maker has issued fixes for Adobe Reader X, the latest major version of the software that was released in November and includes a new feature called “Protected Mode” that is designed to mitigate attacks.

The risk for Adobe Reader X users is significantly lower, Adobe said, because none of the security issues patched in this update can bypass this new capability, which forces operations that display PDF files to the user to be run inside a confined environment, known as a sandbox, in which certain functions are prohibited.

Tuesday's update bring the latest versions of Reader and Acrobat to 10.0.1, 9.4.2, and 8.2.6 for Windows and Mac OS X. Unix users will have to wait until Feb. 28 for a fix.

The next quarterly security updates for Adobe Reader and Acrobat are scheduled for June 14.

Full story: SC Magazine