Adobe to patch Black Hat bugs on Thursday
Adobe plans to release out-of-sequence updates on Thursday (19 August) designed to patch security holes in its Acrobat and Reader PDF software revealed at the Black Hat conference earlier this month.
Updates for Adobe Reader 9.3.3 for Windows, Macintosh and Unix will accompany Adobe Acrobat 9.3.3 for Windows and Macintosh as well as cross-platform patches for Adobe Reader 8.2.3 and Acrobat 8.2.3 – earlier but still supported versions of the software applications. Thursday will also mark the availability of a cross-platform update for Adobe Flash Player 10.1.53.64.
Vulnerable versions of Acrobat bundle an at-risk version of Flash Player. Secondly an integer overflow error in CoolType.dll library packages creates a critical code injection flaw, as explained in an advisory by Secunia here. Both bugs were discovered by Charlie Miller, of Independent Security Evaluators.
Originally published by The Register. Read the original story here