Adobe will release its latest security updates for Reader and Acrobat on Tuesday via a new update system it has been testing the past six months, the company said on Thursday.
The Adobe updates will coincide with April's Patch Tuesday during which25 vulnerabilities, including two for which exploit code has been released in the wild.
On Tuesday, Adobe will activate its updater technology for all users of Adobe Reader and Acrobat and use it to deliver the updates to resolve critical security issues, details of which were not disclosed in its security advisory.
The updates affect Adobe Reader 9.3.1 for Windows, Mac, and Unix, Acrobat 9.3.1 for Windows and Mac, and Reader 8.2.1 and Acrobat 8.2.1 for Windows and Mac.
The company has been testing the updater technology with a sample of customers since October 13. Users can set the system to automatically update, meaning the software will be downloaded and installed after it is available from Adobe, or semi-automatically so that the update is downloaded automatically but the user chooses when to install it.
Microsoft and Mozilla alert users when there are updates for Windows and Firefox, while Google's Chrome browser updates automatically without any notification. Many computer users either don't know when software updates are available or delay installing them, putting their systems at risk of attack even when vendors have patched the vulnerabilities. Relieving users of the responsibility for updating their systems will mean computers will be better protected from malware and other attacks, experts say.
Eventually, Adobe may include a way for users to switch the setting to auto-update from a prompt so that future updates happen automatically behind the scenes, an Adobe spokeswoman said.
"During our quarterly update on January 12, 2010, and then again for an out-of-cycle update on February 16, 2010, we exercised the new updater with our beta testers," Steve Gottwals, an Adobe product manager, wrote in the Adobe Reader Blog. "This allowed us to test a variety of network configurations encountered on the Internet in order to ensure a robust update experience. That beta process has been a successful one, and we've incorporated several positive changes to the end-user experience and system operation. Now, we're ready for the next phase of deployment."
Separately, the company is offering a workaround for an issue that could allow attackers to spread malware to computers via embedded .
Updated at 12:10 p.m. PDT with Microsoft Patch Tuesday details.