Adobe has pushed out an emergency patch to address critical vulnerabilities in its Reader and Acrobat software.
The flaws were found in Adobe Reader 9.4 and earlier versions for Windows, Mac and UNIX.
Critical vulnerabilities were also discovered in Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Mac.
According to an Adobe advisory, the patches address memory corruption flaws in different versions of Reader and Acrobat that could lead to code execution.
“These vulnerabilities could cause the application to crash and potentially allow an attacker to take control of the affected system,” the company explained.
One of the fixes addressed a security hole in Reader reported earlier this month. Adobe had initially decided to offer a workaround for administrators before completing an effective patch.
The out-of-cycle updates also included a fix for critical vulnerabilities discovered in Adobe Flash Player, although the patch was made available earlier in the month.
The next quarterly security update for Adobe Reader and Acrobat are due to be issued on 8 February 2011.
Security issues have plagued Adobe this year. We caught up with the firm's director for product security and privacy to talk about what Adobe had been doing to counter threats.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
