Adobe Releases Critical Acrobat Security Update

Adobe released updates for its Acrobat and Adobe Reader applications Tuesday night to patch a series of security flaws, some of which were tagged as critical. One of the security threats Acrobat and Adobe Reader versions 9.3 and 8.2 address was a flaw that hackers have been exploiting since late 2009 through maliciously crafted PDF documents.

Adobe publicly disclosed in December the security flaw that hackers had been taking advantage of, but held the patch until January 12 to avoid disrupting its regular update cycle.

The updates address security-related flaws where attackers could take advantage of a 3D vulnerability, memory corruption vulnerability, script injection vulnerability, null-pointer vulnerability and a buffer overflow flaw in the Download Manager to run arbitrary code, cause application crashes, or launch denial of service attacks.

The updates are available for download at the Adobe Web site.