Adobe warns of critical holes in Reader, Acrobat

Summary:Adobe is advising Reader and Acrobat users of a critical security flaw, and should prepare for an update scheduled for August 14.

Adobe announced today that it will release an update for Adobe Reader (9.5.1) and Acrobat (10.1.3) and earlier versions for both Windows and Mac to fix critical security flaws.

The updates will be released on August 14 -- this coming Tuesday. 

The pre-notification security advisory warning -- APSB12-16 -- gives few details, except noting the affected software versions and the severity of the security flaws.

  • Adobe Reader X (10.1.3) and earlier 10.x versions for Windows and Mac
  • Adobe Reader 9.5.1 and earlier 9.x versions for Windows and Mac
  • Adobe Acrobat X (10.1.3) and earlier 10.x versions for Windows and Mac
  • Adobe Acrobat 9.5.1 and earlier 9.x versions for Windows and Mac

The flaws are rated "critical," meaning malicious native-code can be executed without a user's knowledge. 

Out of the six versions of Adobe Reader and Adobe Acrobat, four have a priority rating of 2, signifying "a vulnerability that has historically been at elevated risk," despite "no known exploits." 

However, both products have versions for Windows and Mac that are at rating 1, noting that a vulnerability is "being targeted" or at a "higher risk of being targeted." These updates should be installed within 72 hours of the security fix release. 

Topics: Security, Developer


Zack Whittaker is a writer-editor for ZDNet, and sister sites CNET and CBS News. He is based in the New York newsroom. His PGP key is: EB6CEEA5.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.