Previous versions are affected by serious code execution vulnerabilities

Apr 11, 2012 14:06 GMT  ·  By

Adobe released Reader 10.1.3 and Acrobat 10.1.3 to address a number of vulnerabilities that could cause the applications to crash and maybe even allow an attacker to execute arbitrary code.

The list of fixed weaknesses includes an integer overflow in True Type Font handling, a memory corruption flaw in JavaScript handling and in the JavaScript API, and a security bypass issue in the Adobe Reader installer.

All these vulnerabilities could be leveraged by a cybercriminal to execute arbitrary code and cause some serious damage to the affected systems.

Users who currently rely on Adobe Reader 10.1.2, Adobe Acrobat 10.1.2 and their previous versions are advised to update to the latest variant to ensure that their computers are protected.

Adobe Reader 10.1.3 is available for download here Adobe Acrobat 10.1.3 is available for download here

Note. My Twitter account has been erroneously suspended. While this is sorted out, you can contact me via my author profile or follow me at @EduardKovacs1