Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Adobe to Patch Critical Vulnerabilities in Reader, Acrobat

On Tuesday, May 12, Adobe will release security updates to address critical vulnerabilities discovered in Adobe Reader and Adobe Acrobat for Windows and Mac.

On Tuesday, May 12, Adobe will release security updates to address critical vulnerabilities discovered in Adobe Reader and Adobe Acrobat for Windows and Mac.

Adobe has not provided too much information in the prenotification security advisory published on Thursday, but the company has revealed that the issues affect Acrobat and Reader XI (11.0.10) and earlier versions, and Acrobat and Reader X (10.1.13) and earlier versions.

While the vulnerabilities that will be patched next week are considered critical, Adobe has assigned them a priority rating of 2. Updates with this priority rating address security bugs in a product that has historically been at elevated risk. Such flaws are not currently exploited in the wild and the company doesn’t expect them to be exploited too quickly.

Administrators are advised by the company to apply such updates within 30 days.

Vulnerabilities are often identified in Adobe products, especially Flash Player. Up until this point in 2015, Adobe released six security bulletins for Flash Player. The updates address tens of flaws, including zero-days that had been exploited in the wild before a patch was available.

Last month’s Flash Player updates fixed a total of 22 vulnerabilities, including one that has been exploited in the wild.

Adobe announced in March the launch of a bug bounty program for the company’s web applications. The program, hosted on the HackerOne platform, has already helped the company close more than 50 vulnerabilities, despite the fact that it’s not offering any monetary rewards to researchers who report bugs.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how the LOtL threat landscape has evolved, why traditional endpoint hardening methods fall short, and how adaptive, user-aware approaches can reduce risk.

Watch Now

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

People on the Move

Matthew Cowell has assumed the role of VP of Strategic Alliances at Nozomi Networks. He previously served in the same role at Dragos.

Bret Arsenault is retiring from his full-time role after 35 years at Microsoft.

Social engineering defense platform Doppel has appointed Bobby Ford as Chief Strategy and Experience Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.