Adobe to fix critical flaws

Adobe Reader

Adobe will fix some critical security issues in its Reader and Acrobat products this month, affecting various versions of the software.

Updates are expected to be rolled out during the week commencing 16 August, according to a security advisory.

The affected software includes Adobe Reader 9.3.3 for Windows, Mac and UNIX, as well as Acrobat 9.3.3 for Windows and Mac, and Reader 8.2.3 and Acrobat 8.2.3 for Windows and Mac.

The fixes are out-of-cycle releases, Adobe explained, and there will be another security update for Reader and Acrobat software on 12 October.

The security flaw was uncovered by Charlie Miller, a researcher at Independent Security Evaluators, during the Black Hat USA 2010 security conference in July.

The vulnerability could be exploited when maliciously-designed TrueType font is embedded into a PDF, allowing memory to be corrupted, according to security advisory provider Secunia.

Adobe recently joined the Microsoft Active Protections Program, allowing the Flash creator to share security information about such vulnerabilities with the other 65 members of the initiative.

Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.