Adobe warns of new Reader, Flash holes

Adobe Systems issues security patches for new hole in Flash Player and says it will patch a new vulnerability in Reader next week.

Adobe Systems on Thursday warned of new critical holes in Reader and Flash Player, released a security update for the Flash hole, and said a patch for Reader would come next week.

Updates for the following software are coming on Tuesday, according to Adobe's prenotification security advisory:

  • Reader 9.3 for Windows, Mac, and Unix
  • Acrobat 9.3 for Windows and Mac
  • Reader 8.2 for Windows and Mac
  • Acrobat 8.2 for Windows and Mac

The Tuesday updates will also address the Flash issue, Adobe said.

Meanwhile, the company released a security update to fix a hole in Flash Player version (and earlier versions) that could "subvert the domain sandbox and make unauthorized cross-domain requests," according to a security bulletin.

Adobe recommends that users update to Flash Player and update to AIR version

The company also issued a security bulletin to resolve an important vulnerability in BlazeDS 3.2 and earlier, which also affects LiveCycle, Flex Data Services, and ColdFusion.

Featured Video