CNET también está disponible en español.

Ir a español

Don't show this again

Security

Adobe fixes Reader, Acrobat for Mac OS

Two "medium risk" flaws could allow an attacker to run executables or abuse elevated privileges in Safari.

Adobe Systems has updated its Adobe Reader and Adobe Acrobat for Apple Computer's Mac OS to version 7.0.2. The updates fix two vulnerabilities. The first flaw lies in the way the applications process JavaScript tags embedded in PDF files, according to Adobe. An attacker could launch executable programs on the victim's system by crafting a malicious PDF file. The attacker would have to know the exact location of the executable, Adobe said in an advisory released on Monday.

The second flaw is in the updater for Acrobat and Reader. Folder permissions in Safari Frameworks are elevated when downloading, which could be exploited by an attacker, Adobe said. Safari is Apple's Web browser. Security researchers with the French Security Incident Response Team rate the issues "medium" risk, which means they could be exploited remotely and locally, leading to a denial of service or an escalation of privileges.