All the latest UK technology news, reviews and analysis

Adobe to issue further Reader and Acrobat patches

by Cath Everett

12 Feb 2010

Be the first to comment

  • Tweet this
Adobe
Adobe Flash Player 10.0.42.34 and earlier versions are affected by the latest flaw

Barely a month after Adobe issued a fix to mend a critical flaw in its Reader and Acrobat products, the company has been forced to rush out another owing to a serious bug in its Flash Player, which received a patch yesterday.

Adobe said in a security bulletin that the vulnerability, identified in Adobe Flash Player version 10.0.42.34 and earlier, could be used by attackers to trick a web browser into executing code remotely.

Further reading

This means that the browser could make an unauthorised cross domain request and directly install unauthorised software onto users' machines. Such flaws are commonly exploited by malware writers.

The Reader and Acrobat patches are due next Tuesday, as the products are also susceptible to the Flash Player flaw. Adobe usually issues security updates for its software on a quarterly basis.

But the problem is that hackers could understand the nature of the Reader and Acrobat bugs by examining the Flash Player patch and use the information to attack them, although Adobe said that it was not aware of any such activity to date.

Users concerned about the Flash Player flaw being exploited could mitigate the threat by opening documents outside their browser, the company added.

Adobe issued a critical security update addressing eight vulnerabilities in its Reader and Acrobat 9.2 builds for the Mac, Windows and Unix in mid-January. Six of the vulnerabilities, if exploited, would also enable attackers to undertake remote code execution on targeted systems.

The security of Adobe's software has come under greater scrutiny over the past year as attackers have increasingly exploited such vulnerabilities to hack into computers.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

A Microsoft logo

Microsoft posts critical Internet Explorer patch with February fixes

Related white papers

Related articles

Related jobs

Today's top stories

Cern Control Centre building

CERN powers up Large Hadron Collider in final search for Higgs Boson

hp-z1-workstation-pc

HP takes wraps off all in one Z1 workstation

Asus Transformer Prime vs Apple iPad 2

Apple iPad 2 vs Asus Transformer Prime head-to-head review

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Network Support Engineer Up To £40k

(Roc Search - Network Support Engineer, 2nd line, 3rd...

3rd Line Engineer / Infrastructure Engineer - VMware, Server,

3rd Line Engineer / Infrastructure Engineer - Berkshire...

SQL Server DBA - Database Administrator - MySQL Suffolk - £50k

MySQL SQL SERVER DBA / Database Administrator - Online...

PMO Analyst - Banking

PMO Analyst - Banking Client A financial organisation...

To send to more than one email address, simply separate each address with a comma.