Adobe has released 13 patches for vulnerabilities in five bulletins within its Reader and Acrobat products.
According to the company, critical vulnerabilities have been identified in Adobe Reader X (10.0.1) and earlier versions for Windows, Adobe Reader X (10.0.3) and earlier versions for Macintosh, and Adobe Acrobat X (10.0.3) and earlier versions for Windows and Macintosh.
Updates have been issued for Reader and Acrobat and incorporate the Flash Player updates as noted in Security Bulletin APSB11-12 and Security Bulletin APSB11-13. It said that the next quarterly security updates for Adobe Reader and Acrobat are currently scheduled for 13th September.
Dave Marcus, director of security research and communications at McAfee Labs, said: “There's going to be a lot of heavy lifting for IT administrators this month. Not only are there a large number of Microsoft patches, there's also the additional Adobe and Java patches to address as well. Administrators should evaluate and prioritise the most important patches for their organisation.”
Jason Miller, manager of research and development at VMware, said: “This update will address all supported versions of Adobe Acrobat and Reader. Some of these fixes have been a long wait for administrators, the vulnerabilities affecting Adobe Reader X have remained unpatched and the vulnerabilities have been exploited in the wild against older versions of the Reader product.
“For the X version of Adobe's product, the vulnerabilities have remained unpatched until the next scheduled quarterly security update because the latest version of their product runs in a sandbox mode. This prevents the vulnerabilities from being exploited.”