August 19, 2010
Google has released a new version of its Chrome browser, 5.0.375.127, which incorporates fixes for nine security vulnerabilities (two of which are rated Critical), as well as a workaround for a Windows kernel bug. The new stable release is available for all platforms (Mac OS X, Linux, and Windows). You should get the new version via the built-in updating mechanism, or via your Linux distro’s repository.
Update Friday, 20 August, 8:05 EDT
Details of the fixes included in this update are in the release announcement on the “Chrome Releases” blog.
August 19, 2010
As promised, Adobe Systems today released security updates for its Acrobat and Reader software. The updates address a critical security vulnerability [CVE-2010-2862], as outlined in Adobe’s Security Bulletin [APSB10-17]. A fix for the Flash vulnerability, patched earlier this month, is also included for the use of Flash in these two products.
Either product can be updated using the built-in updating mechanism (Main menu: Help / Check for Updates). Alternatively, the updates for Reader can be downloaded using the following links:
If you are using Windows or Mac OS X, the patch is an incremental update from version 9.3.3 to 9.3.4, not a full installation. If you are using UNIX or Linux, the package files (which will be in the FTP directory
9.3.4/ENU for US English) are apparently full installation packages (there are .rpm, .deb, and .pkg formats available, as well as a tarball). If you use these download links, make sure you scroll down the page, if necessary, to get to version 9.3.4, which is the updated one.
Links for the Acrobat updates are in the Security Bulletin.
If you are using these products, especially Reader, I recommend that you install the update(s) as soon as you conveniently can. Like Adobe’s Flash, Reader is very widely installed across a variety of platforms, and that makes it an attractive target.