Adobe warns of new Reader, Flash holes

Adobe Systems issues security patches for new hole in Flash Player and says it will patch a new vulnerability in Reader next week.

Adobe Systems on Thursday warned of new critical holes in Reader and Flash Player, released a security update for the Flash hole, and said a patch for Reader would come next week.

Updates for the following software are coming on Tuesday, according to Adobe's prenotification security advisory:

  • Reader 9.3 for Windows, Mac, and Unix
  • Acrobat 9.3 for Windows and Mac
  • Reader 8.2 for Windows and Mac
  • Acrobat 8.2 for Windows and Mac

The Tuesday updates will also address the Flash issue, Adobe said.

Meanwhile, the company released a security update to fix a hole in Flash Player version 10.0.42.43 (and earlier versions) that could "subvert the domain sandbox and make unauthorized cross-domain requests," according to a security bulletin.

Adobe recommends that users update to Flash Player 10.0.45.2 and update to AIR version 1.5.3.1930.

The company also issued a security bulletin to resolve an important vulnerability in BlazeDS 3.2 and earlier, which also affects LiveCycle, Flex Data Services, and ColdFusion.

 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments