Adobe has released an update for Acrobat and Reader that fixes two critical vulnerabilities that could cause crashes or allow hackers to gain control of an affected computer.
The fix involves an update for Acrobat and Reader 9.4.6 or older to 9.4.7, patching the holes in the software for Windows computers, but leaving the Mac and Unix versions still vulnerable.
Acrobat and Reader X have also not received a patch, primarily because Adobe believes there is no immediate risk from the vulnerability to computers with version 10.1.1 installed, due to Protected Mode and Protected View.
The company is still planning to address the problem for Acrobat and Reader X and the Mac and Unix older versions, but only in its next quarterly security update, currently scheduled for 10 January.
Adobe claims that Reader for Android and Flash Player are not affected by the vulnerabilities.
The security holes were found by Lockheed Martin CIRT, Mitre and members of the Defence Security Information Exchange, who identified two memory corruption vulnerabilities affecting the U3D and PRC components, which allowed for execution of code.
Security firm Sophos has reported incidents of spam emails with malicious PDF attachments that exploit these vulnerabilities, making it essential that users update their software as soon as possible.
The update will be automatically downloaded for those who have the setting enabled or it can be downloaded from the Adobe security web site.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago