In a move similar to Microsoft, Adobe have recently begun delivering security patches on the second Tuesday of each month and are also pre-announcing them. This Thursday the 4th September, they announced a critical (their highest of four security levels !) release for Adobe Reader versions 10 and 11 and Acrobat versions 10 and 11 – for both Windows and OS X. A critical release means that the vulnerabilities are already, or have a very high risk of, being exploited and if successfully exploited, could be used to hijack a personal computer and inject malware into it.
Adobe patched both Reader and Acrobat last “Patch Tuesday” which was August 12th and they have released patches three different times already this year. For a change, the frequently targeted Adobe Flash Player, which is more widely installed and used than Reader, will not be patched tomorrow. However, Adobe has already released 10 patches are varying criticality this year and we recommend checking that you have the latest version of this product installed.
To get the latest version of Adobe Flash Player, click on the image below
and simply follow the on screen instructions.
In order to update Adobe Reader and Acrobat, open up these programs, if you have them installed, and then from the Help menu, click “Check for Updates”. We suggest you do this within 24 to 48 hours of the release tomorrow.
There Are 4 Comments
Havenswift Hosting on 09 Sep, 2014
We have just found out that Adobe has delayed the patches to Adobe Reader X and XI as well as to Acrobat X and XI as they are saying that they need more time to iron out “issues identified during routine regression testing”.
Peter Richards on 09 Sep, 2014
Thanks for the update – I have searched around but cannot find any mention of when they are expecting to release these patches now – do you know ?
Havenswift Hosting on 09 Sep, 2014
I don’t think they have said, but at a guess it might be a week’s time
Havenswift Hosting on 18 Sep, 2014
Adobe have finally patched these bugs in their Reader and Acrobat software, addressing eight priority 1 (critical) vulnerabilities. Adobe have been quoted as saying that “Though these are all high priority issues, the disclosure list suggests that they are not active in the wild, but given the nature of the disclosure, exploit or proof of concept code will likely become available in the near future”. This is coded speak for “it is even more urgent that you upgrade these products now” so if you have either of these two, upgrade them straight away