Menu
Serious flaws patched for Adobe Reader and Windows 2000

Serious flaws patched for Adobe Reader and Windows 2000

Adobe timed the release of a critical patch for Reader with a barely-there Patch Tuesday.

Today's post-holiday Patch Tuesday included just one bulletin, which is rated critical only for Windows 2000, but Adobe also released a must-have Reader update.

Microsoft's MS10-001 security bulletin addresses a flaw with Embedded OpenType fonts that can be attacked through any program that can render the fonts, including Internet Explorer, PowerPoint or Word. A successful attack could hand over complete control of a vulnerable system, according to the bulletin, but only Windows 2000 is vulnerable.

Other versions of Windows "contain the vulnerable code but do not use this code in a way that may expose the vulnerability," according to the bulletin. If you have a Windows 2000 system you'll get this fix via Windows Update.

On the other hand, all Windows, Macintosh and Unix systems with Adobe Reader 9.2 or Acrobat 9.2 will need a program update to version 9.3 to close an under-attack security flaw that has been targeted with poisoned .pdf files. Acrobat versions 8.1.7 and earlier will likewise require an upgrade to version 8.2. Heading to Help | Check for Updates will get you the update, or download the full 9.3 version. For more details see Adobe's bulletin.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags securityMicrosoftadobePatch Tuesday

Show Comments