Patch/Configuration Management, Vulnerability Management

Adobe patches against PDF exploits that overran sandbox

Adobe on Wednesday made available a security update to its Reader and Acrobat software to close two vulnerabilities that are under active attack.

The update for Windows, Mac and Linux users comes about a week after researchers at security firm FireEye revealed that saboteurs were spreading targeted exploits to take advantage of an unpatched flaw in Reader 9.5.3, 10.1.5 and 11.0.1. Shortly after, Adobe confirmed that its software was susceptible to two bugs: CVE-2013-0640 and CVE-2013-0641.

Attacks against the flaws appeared able to bypass sandbox protection that Adobe had put in place.

Users can automatically update their software, and additional patching details are available in a security bulletin from Adobe here.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.