Adobe brings forward security update for Reader
Confirming their promise of two weeks ago, Adobe has now officially announced that the security updates for Reader and Acrobat will be released on Tuesday, the 29th of June. Apart from the hole in the authplay.dll library shipped with Reader and Acrobat, the updates also close other holes. While Adobe hasn't mentioned an exact number, these holes are said to be critical. The updates for Windows, Mac and Unix (only Windows and Mac in the case of Acrobat) are for versions 9.3.3 and 8.2.3.
This means that the updates will be released two weeks ahead of the regular quarterly update schedule. With this measure, Adobe has made a compromise that allows closing the original hole quickly, and fixing the, as yet, undisclosed holes at the same time. Otherwise, Adobe would have had to release two updates within only a few weeks, which it says would have increased patch management effort for large companies.
For Flash Player, the hole is already being actively exploited to infect the PCs of visitors who haven't installed the current version 10.1.