Adobe fixes ‘critical vulnerabilities’ in Acrobat products
By Marco Tabini, Macworld
Fire up your updaters, ladies and gentlemen! Adobe on Tuesday released a long-awaited patch that addresses a number of vulnerabilities in versions of its Acrobat Pro and Reader offerings.
According to a security advisory issued by the company, 18 different vulnerabilities, some of which are critical, are corrected by the update. Some of these bugs are being exploited “in the wild,” which makes updating to the latest version imperative for all users of the operating systems supported by Acrobat, including OS X, Windows, and Linux.
Adobe has released new versions of both Acrobat Professional and Acrobat Reader for Mac. The former comes in a Universal package, while the latter comes in separate packages for Intel and PowerPC architectures. This is due to the fact that Reader, which is distributed free of charge as an all-purpose PDF viewer, is distributed separately to start with in an effort to keep the file size as small as possible, thus reducing its download times.
Both Acrobat 9.3.3 Pro and Adobe Reader 9.3.3 address what Adobe calls “critical vulnerabilities” in earlier versions of the software. According to an Adobe security bulletin, the vulnerability could cause either Acrobat or Reader to crash, potentially allowing an attacker to take control of your computer. Earlier this month, Adobe patched a similar vulnerability in its Flash software.
The Acrobat and Reader updates can only be applied to an existing installation of either version 8.3.2 or 9.3.2 of the same product. If you have a different version installed, you will need to upgrade to those two releases first.