We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Critical fixes for Adobe Reader & Acrobat

13 security bugs repaired in total

Adobe has released critical security patches, fixing 13 bugs in its Reader and Acrobat software.

The patches were released on Tuesday, the same day as Microsoft's monthly security update, making for a hectic day of patching for some system administrators. Microsoft patched a record 31 bugs, including critical flaws in Windows, Office, and Internet Explorer.

Adobe's software has increasingly been targeted by attackers who have found ways to use bugs in the code to install malicious software on computers. They do this by tricking a victim into opening a maliciously encoded .pdf file. "These vulnerabilities would cause the application to crash and could potentially allow an attacker to take control of the affected system," Adobe said in its security advisory.

Adobe's patches are for Windows and Mac users. Unix customers will have to wait until next week to get their updates, Adobe said.

Adobe has now moved to regular, quarterly security updates to make it easier for customers to plan. If it sticks to its schedule, the next Adobe update should be September 8.

Other file formats have also come under attack in the past few years, including Microsoft Office and Apple's QuickTime. In fact, Microsoft still needs to patch a publicly known flaw in the way its DirectShow software reads QuickTime files. Hackers have been exploiting this flaw in a small number of on-line attacks, Microsoft said.

Although these file-format attacks are rarely widespread, they can be tough to defend against, because so many different pieces of software - even antivirus programs - can be targeted with such an attack.

File format attacks are the new "low hanging fruit" for hackers, according to Steve Manzuik, a senior manager of security research at Juniper Networks.

"For the average user to stay safe, it's probably pretty tough," he added. "If someone wants to hack you bad enough they're going to do it."


IDG UK Sites

Samsung Galaxy S6 launch as it happened: Galaxy S6 launch video and live blog - watch again as...

IDG UK Sites

5 things we hate about MWC: What it's like to be a journalist at a technology trade show

IDG UK Sites

Interview: Lauren Currie aims to help design students bridge skills gap

IDG UK Sites

12in Retina MacBook Air release date rumours: new MacBook Air to have fingerprint ID, could launch...