Adobe to release emergency patch today

August 19, 2010 // 10:56 a.m.

Tags: #0day #0-day #acrobat #adobe #adobe-acrobat #adobe-patch #adobe-reader #patch #pdf #pdf-viewer #reader #security #vulnerability #zero-day

Adobe has announced that it is releasing an emergency out-of-cycle patch later today to resolve a range of security vulnerabilities in its Reader and Acrobat PDF packages.

The flaws - which affect software across Windows, Mac OS X, and Unix/Linux - were publicised as part of the Black Hat USA hacker conference, and represent "critical" security vulnerabilities that can leave systems at risk of remote code-execution attacks.

The vulnerabilities plugged by this latest security update are thought to be so critical that Adobe has decided to ditch its usual patch release cycle. The next standard security patch release isn't due until the 12th of October, as part of Adobe's quarterly release cycle.

While an out-of-cycle patch is the quickest way to get its users protected, Adobe risks angering system administrators who now have to find time to test and deploy a critical software modification with very little advanced notice.

It's not the first time Adobe has been faced with releasing critical patches for serious security flaws, however: back in June a vulnerability in the company's Acrobat, Reader, and Flash packages left users open to attack, while a similar exploit which didn't require JavaScript to run was discovered back in April.

With so many security vulnerabilities affecting its software, it's hard not to wonder if Steve Jobs had a point when he famously rejected Adobe's software from his iOS platform.

Will you be racing around to patch Adobe's Reader on your systems, or has the company's track record with security already got you looking for a replacement PDF viewer? Do you just use Foxit Reader instead? Share your thoughts over in the forums.

QUICK COMMENT

View this in the forums

SUBSCRIBE TO OUR NEWSLETTER

WEEK IN REVIEW

TOP STORIES

SUGGESTED FOR YOU