Adobe will release Tuesday an update for Adobe Reader (9.5.1) and Acrobat (10.1.3) and earlier versions for Windows and Mac to fix critical security flaws.
The flaws are “critical,” meaning malicious native-code can execute without a user’s knowledge.
The pre-notification security advisory warning, APSB12-16, gives few details, except noting the affected software versions and the severity of the security flaws.
• Adobe Reader X (10.1.3) and earlier 10.x versions for Windows and Mac
• Adobe Reader 9.5.1 and earlier 9.x versions for Windows and Mac
• Adobe Acrobat X (10.1.3) and earlier 10.x versions for Windows and Mac
• Adobe Acrobat 9.5.1 and earlier 9.x versions for Windows and Mac
Out of the six versions of Adobe Reader and Adobe Acrobat, four have a priority rating of 2, signifying “a vulnerability that has historically been at elevated risk,” despite “no known exploits.”
However, both products have versions for Windows and Mac that are at rating 1, noting a vulnerability is “being targeted” or at a “higher risk of being targeted.” As users should install these updates within 72 hours of the security fix release.