Patch Tuesday: Adobe to Silently Plug Critical Reader Vulnerabilities
Adobe, the California-based company that specializes in creating multimedia and creativity software products, has announced that on the 13th of April, it will roll out updates for Adobe Reader 9.3.1 as well as Adobe Reader 8.2.1 and Acrobat 8.2.1. Adobe says the updates will address critical security vulnerabilities that plague its products. The updates will be made available for Windows, Macintosh and UNIX.
“The updates will address critical security issues in the products. This quarterly security update will be made available for Windows, Macintosh and UNIX. With this quarterly update, we are enabling the new updater first shipped in a passive state with the October quarterly security update,” commented Wendy Poland on behalf of the Adobe Product Security Incident Response Team (PSIRT).
SPONSORED LINKS
The new updater that Wendy Poland mentioned above silently updates Adobe Reader and Adobe Acrobat without user intervention. The updater detects when the system is not busy and downloads the update. The new updater was shipped to users back in October and until now it was in passive state. As of this month it will be activated.
“Honoring the user's choice is important to Adobe. This includes the user's update preferences. Adobe has no plans to activate the automatic update option by default without prior user consent. That said, the security of our users is a key priority for Adobe. The majority of attacks we are seeing are exploiting software installations that are not up-to-date with the latest security fixes. We therefore believe that the automatic update option is the best choice for most end-users,” commented Group Product Manager for Adobe Reader, Steve Gottwals.
According to numerous studies, silent updaters that require no user interaction are the best way to ensure the latest patches are applied and that the software does not expose the user to security risks.
Speaking of security risks, Redmon-based software giant Microsoft will roll out 11 security bulletins on Tuesday, the 13th of April. These bulletins address a grand total of 25 vulnerabilities that plague the Windows operating system, the Microsoft Office productivity suite, and the collaborative application product Microsoft Exchange. Among these vulnerabilities is the first Windows 7 vulnerability uncovered back in November 2009 by Laurent Gaffié.