Adobe patches critical security bugs in Flash, Reader, Acrobat
The company has released bug fixes for three of its products, all designed to patch critical security holes.
Those of you running Adobe Flash, Reader, and/or Acrobat are advised to download the latest updates. Adobe yesterday rolled out new and critical security fixes for all three products.
The update for Flash patches a vulnerability that could cause the software to crash and allow someone to remotely take control of an infected computer.
This hole has already been exploited through limited attacks, Adobe said. Deployed through a malicious Word document, this exploit attacks the ActiveX version of Flash Player installed as a plug-in on Internet Explorer for Windows.
Windows and Macintosh users can update Flash through the Adobe Flash Player Download Center. Google Chrome users running the latest version of the browser automatically get the security update as it's bundled with Chrome. Google yesterday released Chrome 21.0.1180.79 for Mac, Linux, Windows, and Chrome Frame to fix the hole in Flash, which is built directly into Chrome.
Also on your to-do list: Updating Adobe Reader and Acrobat. As with Flash, the latest updates shore up security holes in both products that could cause them to crash, letting an attacker remotely take over the computer.
Users of either or both products can update them directly through the "Check for Updates" command in the Help menu.
Depending on your settings, just launching the software may also trigger the update. I opened Adobe Acrobat this morning, which automatically installed the update.
Windows users can also download the update for Reader from Adobe's Download site, while users of Acrobat can do the same at that program's download page. Macintosh owners can grab the Reader and Acrobat updates online as well.