Adobe Systems will deliver its first set of quarterly patches next Tuesday as the company seeks to improve how it responds to security vulnerabilities in its widely used products.
The patches will cover Adobe Reader and Acrobat versions 7.x, 8.x, and 9.x for Microsoft Windows and for Apple’s Mac OS X, wrote Brad Arkin, director for product security and privacy, on the company’s security blog. Information on patches for Unix systems will be released later.
The fixes are considered “critical,” Adobe’s highest severity warning, meaning that malicious native code can be executed on a PC without a user knowing it.
Last month Adobe announced it would move to a quarterly patching schedule in order to improve predictability for administrators. Adobe also chose to release its patches on the second Tuesday of the month, the same day Microsoft releases its updates, so administrators can test both sets of patches at the same time before updating PCs.
Arkin wrote that the updates will incorporate the initial output of code-hardening efforts. Adobe said it is combing through the legacy code in its products in order to find and fix flaws.
Adobe products have been extensively probed by hackers. Vulnerabilities in the company’s Reader and Acrobat software have let hackers create PDF files that, if opened, can result in a compromised PC.
Since PDF files are commonly used, hackers have been able to successfully trick people into opening the documents using social engineering techniques.