We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
 
74,953 News Articles

Critical fixes for Adobe Reader & Acrobat

13 security bugs repaired in total

Adobe has released critical security patches, fixing 13 bugs in its Reader and Acrobat software.

The patches were released on Tuesday, the same day as Microsoft's monthly security update, making for a hectic day of patching for some system administrators. Microsoft patched a record 31 bugs, including critical flaws in Windows, Office, and Internet Explorer.

Adobe's software has increasingly been targeted by attackers who have found ways to use bugs in the code to install malicious software on computers. They do this by tricking a victim into opening a maliciously encoded .pdf file. "These vulnerabilities would cause the application to crash and could potentially allow an attacker to take control of the affected system," Adobe said in its security advisory.

Adobe's patches are for Windows and Mac users. Unix customers will have to wait until next week to get their updates, Adobe said.

Adobe has now moved to regular, quarterly security updates to make it easier for customers to plan. If it sticks to its schedule, the next Adobe update should be September 8.

Other file formats have also come under attack in the past few years, including Microsoft Office and Apple's QuickTime. In fact, Microsoft still needs to patch a publicly known flaw in the way its DirectShow software reads QuickTime files. Hackers have been exploiting this flaw in a small number of on-line attacks, Microsoft said.

Although these file-format attacks are rarely widespread, they can be tough to defend against, because so many different pieces of software - even antivirus programs - can be targeted with such an attack.

File format attacks are the new "low hanging fruit" for hackers, according to Steve Manzuik, a senior manager of security research at Juniper Networks.

"For the average user to stay safe, it's probably pretty tough," he added. "If someone wants to hack you bad enough they're going to do it."


IDG UK Sites

Samsung Galaxy Note 4 release date, price and specs 2014

IDG UK Sites

iPhone 5s review: why the iPhone 5s is still the best phone you can buy in 2014

IDG UK Sites

Passwords don't work: here's four ways to fix them

IDG UK Sites

Developers get access to more Sony camera features