Adobe's emergency patch for Reader
Just a week after multiple critical holes in Adobe Reader were confirmed, the company has released new versions of the software. The vulnerabilities affect versions 9, X and XI of Reader and Acrobat for Windows, Mac OS X and Linux. The fixed program versions are 9.5.4, 10.1.6 and 11.0.02.
The security bulletin says that Adobe has fixed two holes, although no details of the nature of the holes has been given. However, Adobe has advised users to update immediately, rating them at its highest priority on Windows and Mac OS X, because the vulnerabilities are already actively being exploited to infect systems with spyware when a specially crafted PDF file is opened. The Linux update is at a lower priority, presumably because Adobe know of no active attacks exploiting the flaw on Linux. While the updates will be installed automatically, users also have the option of manually triggering the update process in the Help menu of each program.