Adobe will fix some critical security issues in its Reader and Acrobat products this month, affecting various versions of the software.
Updates are expected to be rolled out during the week commencing 16 August, according to a security advisory.
The affected software includes Adobe Reader 9.3.3 for Windows, Mac and UNIX, as well as Acrobat 9.3.3 for Windows and Mac, and Reader 8.2.3 and Acrobat 8.2.3 for Windows and Mac.
The fixes are out-of-cycle releases, Adobe explained, and there will be another security update for Reader and Acrobat software on 12 October.
The security flaw was uncovered by Charlie Miller, a researcher at Independent Security Evaluators, during the Black Hat USA 2010 security conference in July.
The vulnerability could be exploited when maliciously-designed TrueType font is embedded into a PDF, allowing memory to be corrupted, according to security advisory provider Secunia.
Adobe recently joined the Microsoft Active Protections Program, allowing the Flash creator to share security information about such vulnerabilities with the other 65 members of the initiative.
-
AI layoffs could spark a new wave of offshoringNews Analysts expect a wave of rehiring next year in the wake of AI layoffs. That may sound like good news for workers, but it'll probably involve offshoring or outsourcing.
-
Hackers are using these malicious npm packages to target developers Windows, macOS, and Linux systemsNews Security experts have issued a warning to developers after ten malicious npm packages were found to deliver infostealer malware across Windows, Linux, and macOS systems.
-
Critical Dell Storage Manager flaws could let hackers access sensitive data – patch nowNews A trio of flaws in Dell Storage Manager has prompted a customer alert
-
Flaw in Lenovo’s customer service AI chatbot could let hackers run malicious code, breach networksNews Hackers abusing the Lenovo flaw could inject malicious code with just a single prompt
-
Industry welcomes the NCSC’s new Vulnerability Research Initiative – but does it go far enough?News The cybersecurity agency will work with external researchers to uncover potential security holes in hardware and software
-
Hackers are targeting Ivanti VPN users again – here’s what you need to knowNews Ivanti has re-patched a security flaw in its Connect Secure VPN appliances that's been exploited by a China-linked espionage group since at least the middle of March.
-
Broadcom issues urgent alert over three VMware zero-daysNews The firm says it has information to suggest all three are being exploited in the wild
-
Nakivo backup flaw still present on some systems months after firms’ ‘silent patch’, researchers claimNews Over 200 vulnerable Nakivo backup instances have been identified months after the firm silently patched a security flaw.
-
Everything you need to know about the Microsoft Power Pages vulnerabilityNews A severe Microsoft Power Pages vulnerability has been fixed after cyber criminals were found to have been exploiting unpatched systems in the wild.
-
Vulnerability management complexity is leaving enterprises at serious riskNews Fragmented data and siloed processes mean remediation is taking too long
