On January 5, Adobe released security updates for Adobe Acrobat and Reader. The patch contained solutions for 32 vulnerabilities that affected Windows and Macintosh systems. While it’s always a good idea to keep your software updated, one of the main reasons you should update to the current version is it contains fixes for critical vulnerabilities that could result in an attacker potentially gaining access to your system.
After Adobe released an update on the 5th of January, a follow up was made on the 20th.
Here are the affected versions:
- Acrobat DC version 15.020.20042 and earlier
- Acrobat Reader DC 15.020.20042 and earlier
- Acrobat DC 15.006.30244 and earlier
- Acrobat Reader DC 15.006.30244 and earlier
- Acrobat XI 11.0.18 and earlier
- Reader XI 11.0.18 and earlier
Once the update has been made, these are the versions that should be reflected on the products:
- Continuous Track – version 15.023.20053
- Classic Track – version 15.006.30279
- Desktop – version 11.0.19
The fixes included in the update addressed the following issues:
- type confusion vulnerability that could potentially result in code execution
- use-after-free vulnerabilities that could lead to code execution
- heap buffer overflow vulnerabilities that could result in code execution
- buffer overflow vulnerabilities that could potentially lead to code execution
- memory corruption vulnerabilities that could result in code execution
- security bypass vulnerability
How to Update
There are different ways to update your software. The first is to update the product manually by going to Help -> Check for Updates. The update will be done automatically without requiring you to intervene.
The other method of updating is to download the latest version of the software yourself. Just go to the Acrobat Reader Download Center and follow the instructions.
Addressing vulnerabilities is nothing new when it comes to software. In the past year, 71 vulnerabilities were addressed in an Adobe Acrobat and Reader update. There’s less than that amount this time but be a responsible user and make sure to update your product to the latest version – it’s one of the ways to make sure you’re protected from potential threats.