Adobe warns of critical holes in Reader, Acrobat
Adobe announced today that it will release an update for Adobe Reader (9.5.1) and Acrobat (10.1.3) and earlier versions for both Windows and Mac to fix critical security flaws.
The updates will be released on August 14 -- this coming Tuesday.
The pre-notification security advisory warning -- APSB12-16 -- gives few details, except noting the affected software versions and the severity of the security flaws.
- Adobe Reader X (10.1.3) and earlier 10.x versions for Windows and Mac
- Adobe Reader 9.5.1 and earlier 9.x versions for Windows and Mac
- Adobe Acrobat X (10.1.3) and earlier 10.x versions for Windows and Mac
- Adobe Acrobat 9.5.1 and earlier 9.x versions for Windows and Mac
The flaws are rated "critical," meaning malicious native-code can be executed without a user's knowledge.
Out of the six versions of Adobe Reader and Adobe Acrobat, four have a priority rating of 2, signifying "a vulnerability that has historically been at elevated risk," despite "no known exploits."
However, both products have versions for Windows and Mac that are at rating 1, noting that a vulnerability is "being targeted" or at a "higher risk of being targeted." These updates should be installed within 72 hours of the security fix release.