Adobe to issue emergency fix for Reader security bug

Share this article:

Adobe on Tuesday warned of a critically rated, unpatched vulnerability in its Adobe Reader and Acrobat software.

Attackers who exploit the memory corruption flaw may be able to take control of a target system, according to an advisory.There are reports of live targeted, but limited, attacks underway.

Adobe expects to fix the issue sometime next week in Reader and Acrobat version 9. However, because the bug is mitigated by Protected View functionality, the company plans to wait until Jan. 10 to patch Reader and Acrobat X, its most current version. Jan. 10 is the scheduled date of Adobe's next quarterly security update.

The advisory details how users of the latest version can enable Protected View.

Reader for Android and Flash Player are not impacted by the vulnerability.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Android bug allowing SOP bypass a 'privacy disaster,' researcher warns

Android bug allowing SOP bypass a 'privacy disaster,' ...

Google reportedly addressed the issue, but many users likely await the fix from providers or OEMs.

Congressman asks Issa for hearing on CHS breach

The top Democrat on the House Oversight and Government Reform Committee asked for a hearing to investigate the CHS breach.

Google reveals 150 percent jump in gov't requests for user data

Google indicated in its most recent transparency report that it also saw a 15 percent jump in government requests for user data since the end of last year.