Adobe Addresses 27 Vulnerabilities in Acrobat and Reader XI

The releases are part of the January 8, 2013, security updates

By on January 9th, 2013 09:31 GMT

Adobe has addressed a total of 27 vulnerabilities that affect Reader and Acrobat XI (11.0.0) and earlier versions for Windows and Mac, and Adobe Reader 9.5.1 and earlier 9.x versions for Linux.

Users are advised to apply the updates as soon as possible since the security holes can be exploited to cause a crash or even to allow an attacker to take control of the affected device.

According to the advisory published by Adobe, the vulnerabilities are memory corruption, use-after-free, heap overflow, stack overflow, buffer overflow, and integer overflow issues that could lead to code execution.

Security bypass vulnerabilities and a local privilege escalation bug have also been addressed.

Security updates have also been made available for Adobe Flash Player to address a critical flaw.

Adobe still hasn’t addressed the three vulnerabilities that affect ColdFusion, but the company says it’s in the process of finalizing the fix, a hotfix being scheduled for January 15, 2013.

Adobe Reader for Windows is available for download here
Adobe Reader for Mac is available for download here
Adobe Reader for Linux is available for download here

Adobe Acrobat for Windows is available for download here
Adobe Acrobat for Mac is available for download here

Comments