Adobe warns of new Reader, Flash holes
Adobe Systems issues security patches for new hole in Flash Player and says it will patch a new vulnerability in Reader next week.
Adobe Systems on Thursday warned of new critical holes in Reader and Flash Player, released a security update for the Flash hole, and said a patch for Reader would come next week.
Updates for the following software are coming on Tuesday, according to Adobe's prenotification security advisory:
- Reader 9.3 for Windows, Mac, and Unix
- Acrobat 9.3 for Windows and Mac
- Reader 8.2 for Windows and Mac
- Acrobat 8.2 for Windows and Mac
The Tuesday updates will also address the Flash issue, Adobe said.
Meanwhile, the company released a security update to fix a hole in Flash Player version 10.0.42.43 (and earlier versions) that could "subvert the domain sandbox and make unauthorized cross-domain requests," according to a security bulletin.
Adobe recommends that users update to Flash Player 10.0.45.2 and update to AIR version 220.127.116.110.
The company also issued a security bulletin to resolve an important vulnerability in BlazeDS 3.2 and earlier, which also affects LiveCycle, Flex Data Services, and ColdFusion.