Patch/Configuration Management, Vulnerability Management

Out-of-band fix for Adobe Reader security issue coming Friday

Adobe on Friday plans to issue an emergency patch to fix a critically rated, zero-day vulnerability in its Adobe Reader and Acrobat software that is being exploited in limited and targeted attacks. Friday's update will be available for Reader and Acrobat 9 for Windows. Because the bug is mitigated by Protected View functionality, the company plans to wait until its next quarterly security update on Jan. 10 to patch Reader and Acrobat X, its most current version. Attackers have already attempted to leverage the memory corruption flaw to infiltrate Lockheed Martin, among other companies. The defense contractor, which reported the bug to Adobe, said it did not experience a breach as a result of the attempted intrusion. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.