In association with heise online

17 November 2010, 10:34

Update for Adobe Reader fixes 19 holes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The unscheduled update 9.4.1 for Adobe Reader and Acrobat essentially eliminates the 18 holes in the embedded version of the Flash Player. One of these holes has already been exploited to attack users and infect PCs.

In addition, the update closes a hole in Reader due to a bad JavaScript function (Doc.printSeps), which is classified as critical. A public exploit for the vulnerability causes Reader to crash, but it's likely the hole can also be used to inject code. The hole is not reportedly present in the Adobe Acrobat and the Android versions of the Reader.

Updates to version 9.4.1 are available to download for the Windows and Mac OS X versions of Adobe Reader and Acrobat. Linux users will have to wait until the 30th of November. Alternatively, current Reader and Acrobat users on Windows can use the built-in automatic update feature to upgrade to the latest release.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit