Adobe Releases Patches for Acrobat, Reader

As expected, Adobe today released new versions of its Acrobat and Reader software for Windows, Mac OS X, and Linux.  These address two critical security vulnerabilities (one a memory corruption problem, the other a buffer overflow) that, if exploited, might give an attacker control over your system.   According to Adobe’s Security Bulletin [APSB13-07], the following versions of the software are vulnerable:

  • Adobe Reader XI (11.0.01 and earlier) for Windows and Macintosh
  • Adobe Reader X (10.1.5 and earlier) for Windows and Macintosh
  • Adobe Reader 9.5.3 and earlier 9.x versions for Windows, Macintosh and Linux
  • Adobe Acrobat XI (11.0.01 and earlier) for Windows and Macintosh
  • Adobe Acrobat X (10.1.5 and earlier) for Windows and Macintosh
  • Adobe Acrobat 9.5.3 and earlier 9.x versions for Windows and Macintosh

There is some evidence that these vulnerabilities are currently being exploited, primarily via  E-mails that attempt to trick the user into opening a malicious PDF document.

Because the updates address a couple of serious vulnerabilities, I suggest that you update your systems as soon as you conveniently can.  For Reader, Windows and Mac OS X users can get the new version via the update mechanism built into the software (Help -> Check for Updates).  Alternatively, you can download update packages from these links:

Linux users can retrieve the new version, via FTP, from this link.

Please check the Security Bulletin for Acrobat update links.

Comments are closed.

%d bloggers like this: