Feeds

Adobe to patch Black Hat bugs on Thursday

Once more unto the breach

Security for virtualized datacentres

Adobe plans to release out-of-sequence updates on Thursday (19 August) designed to patch security holes in its Acrobat and Reader PDF software revealed at the Black Hat conference earlier this month.

Updates for Adobe Reader 9.3.3 for Windows, Macintosh and Unix will accompany Adobe Acrobat 9.3.3 for Windows and Macintosh as well as cross-platform patches for Adobe Reader 8.2.3 and Acrobat 8.2.3 - earlier but still supported versions of the software applications. Thursday will also mark the availability of a cross-platform update for Adobe Flash Player 10.1.53.64.

Vulnerable versions of Acrobat bundle an at-risk version of Flash Player. Secondly an integer overflow error in CoolType.dll library packages creates a critical code injection flaw, as explained in an advisory by Secunia here. Both bugs were discovered by Charlie Miller, of Independent Security Evaluators.

Adobe's next quarterly security update falls on 12 October but the Black Hat bugs were too serious to wait for that, hence the decision to push out an earlier release. More details on the planned update can be found in Adobe's advisory here.

Attacks against Adobe's applications are second only to Microsoft as the favourite target for hacker attackers. Adobe is putting a lot of effort into improving its patching and security process but the results, for now at least, remain unseasoned. The software maker's frequent security updates are a little hard to stomach as a result. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
'Windows 9' LEAK: Microsoft's playing catchup with Linux
Multiple desktops and live tiles in restored Start button star in new vids
iOS 8 release: WebGL now runs everywhere. Hurrah for 3D graphics!
HTML 5's pretty neat ... when your browser supports it
Mathematica hits the Web
Wolfram embraces the cloud, promies private cloud cut of its number-cruncher
Google extends app refund window to two hours
You now have 120 minutes to finish that game instead of 15
Intel: Hey, enterprises, drop everything and DO HADOOP
Big Data analytics projected to run on more servers than any other app
Mozilla shutters Labs, tells nobody it's been dead for five months
Staffer's blog reveals all as projects languish on GitHub
SUSE Linux owner Attachmate gobbled by Micro Focus for $2.3bn
Merger will lead to mainframe and COBOL powerhouse
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.