Adobe updates Acrobat, Reader, and Flash for security

Amid reports of rising security risks surrounding PDF formatted files and the continued battle to keep Flash at the forefront of Web-based multimedia usage, Adobe releases critical security updates for Acrobat, Reader, and Flash.

By the end of 2009, malicious Adobe Reader and Acrobat documents were to blame for 80 percent for security exploits, according to security firm ScanSafe. This reported by ComputerWorld's Greg Keizer just before Adobe released this update.

"PDF exploits are usually the first ones attempted by attackers," said Mary Landesman, a ScanSafe senior security researcher, referring to the multi-exploit hammering that hackers typically give visitors to malicious Web sites. "Attackers are choosing PDFs for a reason. It's not random. They're establishing a preference for Reader exploits."

To read more about the security threat in Acrobat and Reader and get detailed information about the update, users can visit Adobe's Security Bulletin.

To download the security updates for Adobe Reader and Adobe Acrobat, visit:

• Adobe Reader Update for Mac
• Adobe Acrobat Update for Mac

To read more about the security threat in Flash and get detailed information about the update, users can visit Adobe's Security Bulletin.

A critical vulnerability has been identified in Adobe Flash Player version 10.0.42.34 and earlier. This vulnerability (CVE-2010-0186) could subvert the domain sandbox and make unauthorized cross-domain requests.

Adobe recommends users of Adobe Flash Player 10.0.42.34 and earlier versions update to Adobe Flash Player 10.0.45.2. Adobe recommends users of Adobe AIR version 1.5.3.9120 and earlier versions update to Adobe AIR 1.5.3.9130.

To download the security updates for Adobe Flash, visit:

• Adobe Flash Update for Mac

---

Be sure to check us out on Twitter and the CNET Mac forums.
Do you have questions, issues, or stories you would like to see on MacFixIt? E-mail Us.