Security Market Segment LS
Tuesday, 14 September 2010 17:28

Acrobat and Reader updates coming, while new Flash vulnerability threatens


Adobe will bring forward by a few days the release of its next quarterly update for Acrobat and Reader in response to a recently-discovered vulnerability that is being exploited in the wild. There's also a warning of an actively exploited vulnerability in Flash Player that will be fixed a the same time.

Last week, Adobe warned its users that a critical vulnerability in Acrobat and Reader was being actively exploited, but did not say when it expected to release a fix.

Shortly after, Adobe and Microsoft stated that the latter's EMET (Enhanced Mitigation Experience Toolkit) 2.0 could be used to mitigate the issue - which stemmed from a library that does not take advantage of address space layout randomisation (ASLR) plus the use of an old and deprecated string function - on Windows XP, Vista, Windows Server 2003 and 2008, and Windows 7. While the vulnerability is also present in the Mac and Unix versions of the software, there are no reports of exploits.

The company has now announced that an update is expected in the week of October 4. This update will be a slightly accelerated release of the quarterly update that was scheduled for October 12.

Adobe released out-of-cycle patches for Acrobat and Reader in August. As with the latest scare, the issue addressed at that time concerned font handling.

Adobe has also warned of a critical vulnerability in in Flash Player and earlier versions for Windows, Macintosh, Linux and Solaris, as well as Adobe Flash Player for Android. Acrobat and Reader 9.3.4 and earlier versions are also affected.

Please read on for more on the Flash vulnerability.

The vulnerability is being actively exploited against Flash Player on Windows, but company officials are not aware of exploits on other operating systems.

Updates for Flash Player are expected during the week of September 27, with the corresponding fixes for Acrobat and Reader being delivered in the updates now planned for October 4.

Until then, the only mitigation suggested by Adobe is to keep anti-malware software up to date.


Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Stephen Withers

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

Share News tips for the iTWire Journalists? Your tip will be anonymous