New versions of Adobe Reader, Acrobat to arrive Tuesday

Share this article:

As part of its second-ever quarterly security update, Adobe on Tuesday plans to release new versions of Reader and Acrobat to address a number of flaws, including one that is being exploited in live attacks.

Adobe is set to distribute Reader and Acrobat versions 9.1.3 and 8.1.6 for Windows, Mac and UNIX, and version 7.1.3 for Windows and Mac. The updates, to coincide with Microsoft's monthly patch release, will plug a number of vulnerabilities, including a critical bug present in version 9.1.3 that is being leveraged in targeted but limited in-the-wild attacks.

Users can protect themselves from an exploit by enabling Data Execution Prevention (DEP), a Vista security feature that prevents an application from executing code in certain memory regions, or by disabling JavaScript, according to an Adobe bulletin released Thursday.

In May, Adobe announced that it would begin distributing patches on a regular cycle, amid concern that the company was not doing enough to secure the users of its popular PDF products from a number of high-profile vulnerabilities earlier this year.

The patches are being distributed four times a year, coincident with at least four of the same days that Microsoft pushes out its fixes.

"Enterprises have already optimized their process where they're ready to receive security updates on Patch Tuesday," Brad Arkin, Adobe's director of software security and privacy, told SCMagazineUS.com in May. "The feedback from our customers is that it's not any additional work to add updates for Reader. We're hoping to get people in the habit of applying these updates."

However, Tuesday's release was delayed by one month after Adobe was set back after it released an out-of-cycle patch on July 31.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Beazley: employee errors root of most data breaches, but malware incidents cost ...

Insurance firm Beazley analyzed more than 1,500 data breaches it serviced between 2013 and 2014.

Apple issues seven updates, fixes more than 40 vulnerabilities in iOS 8, OS 10.9.5

Apple issues seven updates, fixes more than 40 ...

In one of its infrequent "Update Surprisedays," Apple plugged holes, boosted security and added features.

Canadian telecom co. Telus unveils first transparency report

The company received more than 100,000 government requests for customer data last year.