On Wednesday, the Adobe Reader security team said it had fixed the buffer overflows in the latest version of the popular software.
The vulnerabilities could allow attackers to gain unauthorized access to the websites users have visited, and they also affect users of the Adobe Flash Player and its plug-ins, the company said.
The vulnerability affects the Adobe Acrobat Reader version 7.5.1 and earlier, the Reader and Adobe Reader plug-in versions 1.0.0 and 1.2.0, Adobe Flash 8.0a1 and later, Adobe Reader for Windows 7 and earlier and Adobe Flash 11.2 and later.
Adobe also announced that it was updating its security products to protect users and end users from the buffer overflow vulnerabilities.
The Adobe Reader team said in a blog post that it patched the buffer leaks through a new security update that addresses the vulnerability with a new update for Windows and Mac OS X.
The updated Adobe Reader software has a version number of 9.0-1123.
The update is available now on the Adobe Security website.
As part of the update, Adobe also updated its security measures, including a fix for a potential vulnerability in Adobe Flash and a fix to address the buffer overrun vulnerability in the Adobe Embedded Security and Privacy suite.
Adobe Reader for Android has been updated to fix a buffer overflow flaw that could allow an attacker to gain access to users’ personal data and files, the software maker said.
In a blogpost, Adobe said that it had updated its Security products to address both vulnerabilities and to update the Flash plug-In, which includes Adobe Reader.
Advancements in the use of advanced encryption and encryption methods could allow the disclosure of personal data that would not otherwise be available, Adobe noted.
Adrian Chen, Adobe’s chief security officer, told Ars Technica that the buffer-overflow vulnerabilities in both Flash and Adobe Embedding Security and privacy suites have been fixed.
Chen did not provide further details about how the update was issued, but Ars has reached out to Adobe for further comment.
Admittedly, the fix is a big deal for users who have already used Adobe Reader in the past.
The vulnerability in Acrobat had been fixed for many users with a recent update.
In addition to the patch for the buffer, Adobe is releasing an update to address an exploit in Adobe Embedding Security and a security vulnerability in Flash that could be exploited by a malicious user.
Advantage Adobe Reader has a robust security suite, but it is not the only product affected by buffer overflow bugs in recent months.
According to Ars Technic, Adobe Security patched several vulnerabilities in Firefox in August that allowed an attacker with access to a browser’s user-agent string to compromise websites.
Last month, Adobe released a security update for Adobe Reader that fixes a buffer overrun issue that could lead to data theft from Adobe Embendenance, a product that provides an Adobe Flash plug in.