Adobe to patch critical holes in Reader and Acrobat
Adobe has announced that it will patch holes in its Reader and Acrobat products on 14 June. The company says that the updates will close several critical vulnerabilities. Adobe Reader X for Windows (version 10.0.1) and Mac OS X (version 10.0.3), Reader 9.4.3, and Acrobat X 10.0.3 and 9.4.3 are all said to be affected.
The company released updates for its Flash Player last Sunday. The update addressed a zero-day "universal" cross-site scripting vulnerability that could be used to take actions on a user's behalf on any web site or web mail provider once the user had visited a malicious site. At that point Adobe was still investigating whether Acrobat Reader and its embedded Flash Player were vulnerable.
- Prenotification Security Advisory for Adobe Reader and Acrobat, security bulletin from Adobe.