A couple of weeks ago Adobe announced a serious security issue involving Flash and before that, a few vulnerabilities for Reader and Acrobat. While the Flash update has already been released, the Reader and Acrobat flaws remained unpatched.
This week, Adobe has finally released the update for Adobe Reader and Acrobat. Here are the details.
PDF users who’ve been waiting on edge for the update, no longer have to worry about every PDF file they come across. The patch can be downloaded from the security bulletin page here on the Adobe site.
Adobe strongly advised users using the last version of Reader and Acrobat to keep their software update: this means Adobe Reader and Acrobat 9.3.3. For users with older versions of Acrobat and Reader, they should update to version 8.2.3.
According to the news, this update is part of Adobe’s quarterly updating scheduling, and actually replaces the next scheduled update that would occur on July 13. Because of this the next update you’ll see will be on October 12, 2010.
In addition, Steve Gottwals, writer for the Adobe Reader Blog, also documents a few more notes on Adobe Reader updates.
For one thing, the update fixes the social engineering vulnerability exposed by Didier Stevens earlier in April. The update “includes changes to resolve the misuse of this command. We added functionality to block any attempts to launch an executable or other harmful objects by default. We also altered the way the existing warning dialog works to thwart the known social engineering attacks.”
Secondly, the Adobe Reader Updater has been well received. Gottwals writes, “our data showed that the user population adopted the last update roughly three times faster than previous updates. This is an extremely important metric, since it greatly reduces the window of exposure available to attackers.”
Moreover, the Adobe Reader Download Center will also experience some upcoming changes that will be implemented on July13, 2010 which look like they’ll make updating and downloading to the latest Reader a lot more easier.
