Adobe Emergency Patches

Adobe released an emergency update today that patches a pair of critical vulnerabilities in its popular PDF viewing and editing software.   Adobe had announced last Thursday that it would rush out a patch for Adobe Reader and Adobe Acrobat.

As expected, one of the two flaws being fixed relates to the cross-domain request vulnerability patched last week in Flash Player that is installed on virtually every personal computer.  The other bug is an application crashing vulnerability that could potentially allow an attacker to take control of the affected system or install malware.

Adobe ranked both bugs as critical.

Bulletins apsb10-06 and apsb10-07 provides more details of the Reader and Acrobat vulnerabilities.