December 15, 2011

Out-of-band fix for Adobe Reader security issue coming Friday

Adobe on Friday plans to issue an emergency patch to fix a critically rated, zero-day vulnerability in its Adobe Reader and Acrobat software that is being exploited in limited and targeted attacks. Friday's update will be available for Reader and Acrobat 9 for Windows. Because the bug is mitigated by Protected View functionality, the company plans to wait until its next quarterly security update on Jan. 10 to patch Reader and Acrobat X, its most current version. Attackers have already attempted to leverage the memory corruption flaw to infiltrate Lockheed Martin, among other companies. The defense contractor, which reported the bug to Adobe, said it did not experience a breach as a result of the attempted intrusion. 
Related Articles
Related Topics

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.