Adobe Reader and Adobe Acrobat zero-day flaws to be fixed this week

Adobe Reader and Adobe Acrobat will be patched in the coming days.

Software giant Adobe has confirmed that a software patch will be released this week to fix two security vulnerabilities in its Reader and Acrobat software.

As reported by IT Pro last week, security flaws were recently found in several versions of Adobe Reader and Adobe Acrobat that experts feared could be used to carry out targeted attacks on Mac and PC users.

Security vendor, FireEye, discovered the vulnerabilities and claimed they were already being exploited in the wild.

The vulnerabilities, which are identified as critical in a security advisory on Adobe's website, can cause applications to crash and puts the system at a higher risk for infiltration by attackers.

"Adobe is aware of reports that these vulnerabilities are being exploited in the wild in targeted attacks designed to trick Windows users into clicking on a malicious PDF file delivered in an email message," a section of the Adobe advisory read.

However, in a follow-up advisory published over the weekend, Adobe confirmed that it plans to roll out an update that will fix the security holes later this week.

In the meantime, Adobe has advised users to take proper security precautions until the updates are released. They have also been advised not to open PDF documents from unknown sources.

"Users of Adobe Reader XI and Acrobat XI for Windows can protect themselves from this exploit by enabling Protected View," the advisory added.

"To enable this setting, choose the 'Files from potentially unsafe locations' option under the Edit > Preferences > Security (Enhanced) menu," it continued.

Featured Resources

Modern governance: The how-to guide

Equipping organisations with the right tools for business resilience

Free Download

Cloud operational excellence

Everything you need to know about optimising your cloud operations

Watch now

A buyer’s guide to board management software

How the right software can improve your board’s performance

The real world business value of Oracle autonomous data warehouse

Lead with a 417% five-year ROI

Download now

Recommended

Kaspersky exposes MysterySnail zero-day exploit in Windows
zero-day exploit

Kaspersky exposes MysterySnail zero-day exploit in Windows

13 Oct 2021
Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
How to speed up Windows 11
Microsoft Windows

How to speed up Windows 11

7 Jan 2022
Solving cyber security's diversity problem
Careers & training

Solving cyber security's diversity problem

5 Jan 2022