Adobe to launch updater service next week

As of Tuesday, all users of Adobe Reader and Acrobat will have the option of getting security updates automatically, like Chrome, Microsoft Windows, and Firefox users do.

Elinor Mills Former Staff Writer

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.

See full bio

Elinor Mills

April 8, 2010 11:25 a.m. PT

2 min read

Adobe will release its latest security updates for Reader and Acrobat on Tuesday via a new update system it has been testing the past six months, the company said on Thursday.

The Adobe updates will coincide with April's Patch Tuesday during which Microsoft will fix 25 vulnerabilities, including two for which exploit code has been released in the wild.

On Tuesday, Adobe will activate its updater technology for all users of Adobe Reader and Acrobat and use it to deliver the updates to resolve critical security issues, details of which were not disclosed in its security advisory.

The updates affect Adobe Reader 9.3.1 for Windows, Mac, and Unix, Acrobat 9.3.1 for Windows and Mac, and Reader 8.2.1 and Acrobat 8.2.1 for Windows and Mac.

The company has been testing the updater technology with a sample of customers since October 13. Users can set the system to automatically update, meaning the software will be downloaded and installed after it is available from Adobe, or semi-automatically so that the update is downloaded automatically but the user chooses when to install it.

These are the options Windows users get for updating Adobe Reader and Acrobat. Macintosh users can either opt out of any automatic updating or choose to have them automatically downloaded but make the decision as to when to install them.

Microsoft and Mozilla alert users when there are updates for Windows and Firefox, while Google's Chrome browser updates automatically without any notification. Many computer users either don't know when software updates are available or delay installing them, putting their systems at risk of attack even when vendors have patched the vulnerabilities. Relieving users of the responsibility for updating their systems will mean computers will be better protected from malware and other attacks, experts say.

Eventually, Adobe may include a way for users to switch the setting to auto-update from a prompt so that future updates happen automatically behind the scenes, an Adobe spokeswoman said.

"During our quarterly update on January 12, 2010, and then again for an out-of-cycle update on February 16, 2010, we exercised the new updater with our beta testers," Steve Gottwals, an Adobe product manager, wrote in the Adobe Reader Blog. "This allowed us to test a variety of network configurations encountered on the Internet in order to ensure a robust update experience. That beta process has been a successful one, and we've incorporated several positive changes to the end-user experience and system operation. Now, we're ready for the next phase of deployment."

Separately, the company is offering a workaround for an issue that could allow attackers to spread malware to computers via embedded executables in PDF files.

Updated at 12:10 p.m. PDT with Microsoft Patch Tuesday details.