Feeds

Adobe to patch Black Hat bugs on Thursday

Once more unto the breach

Secure remote control for conventional and virtual desktops

Adobe plans to release out-of-sequence updates on Thursday (19 August) designed to patch security holes in its Acrobat and Reader PDF software revealed at the Black Hat conference earlier this month.

Updates for Adobe Reader 9.3.3 for Windows, Macintosh and Unix will accompany Adobe Acrobat 9.3.3 for Windows and Macintosh as well as cross-platform patches for Adobe Reader 8.2.3 and Acrobat 8.2.3 - earlier but still supported versions of the software applications. Thursday will also mark the availability of a cross-platform update for Adobe Flash Player 10.1.53.64.

Vulnerable versions of Acrobat bundle an at-risk version of Flash Player. Secondly an integer overflow error in CoolType.dll library packages creates a critical code injection flaw, as explained in an advisory by Secunia here. Both bugs were discovered by Charlie Miller, of Independent Security Evaluators.

Adobe's next quarterly security update falls on 12 October but the Black Hat bugs were too serious to wait for that, hence the decision to push out an earlier release. More details on the planned update can be found in Adobe's advisory here.

Attacks against Adobe's applications are second only to Microsoft as the favourite target for hacker attackers. Adobe is putting a lot of effort into improving its patching and security process but the results, for now at least, remain unseasoned. The software maker's frequent security updates are a little hard to stomach as a result. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
Euro Parliament VOTES to BREAK UP GOOGLE. Er, OK then
It CANNA do it, captain.They DON'T have the POWER!
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Post-Microsoft, post-PC programming: The portable REVOLUTION
Code jockeys: count up and grab your fabulous tablets
Twitter App Graph exposes smartphone spyware feature
You don't want everyone to compile app lists from your fondleware? BAD LUCK
Microsoft adds video offering to Office 365. Oh NOES, you'll need Adobe Flash
Lovely presentations... but not on your Flash-hating mobe
prev story

Whitepapers

Free virtual appliance for wire data analytics
The ExtraHop Discovery Edition is a free virtual appliance will help you to discover the performance of your applications across the network, web, VDI, database, and storage tiers.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Business security measures using SSL
Examines the major types of threats to information security that businesses face today and the techniques for mitigating those threats.