MUST READ

IT Worker arrested for selling access in $100M PIX cyber heist

 | 

New Batavia spyware targets Russian industrial enterprises

 | 

Taiwan flags security risks in popular Chinese apps after official probe

 | 

U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

 | 

Hunters International ransomware gang shuts down and offers free decryption keys to all victims

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52

 | 

Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

 | 

Critical Sudo bugs expose major Linux distros to local Root exploits

 | 

Google fined $314M for misusing idle Android users' data

 | 

A flaw in Catwatchful spyware exposed logins of +62,000 users

 | 

China-linked group Houken hit French organizations using zero-days

 | 

Cybercriminals Target Brazil: 248,725 Exposed in CIEE One Data Breach

 | 

Europol shuts down Archetyp Market, longest-running dark web drug marketplace

 | 

Kelly Benefits data breach has impacted 550,000 people, and the situation continues to worsen as the investigation progresses

 | 

Cisco removed the backdoor account from its Unified Communications Manager

 | 

U.S. Sanctions Russia's Aeza Group for aiding crooks with bulletproof hosting

 | 

Qantas confirms customer data breach amid Scattered Spider attacks

 | 

CVE-2025-6554 is the fourth Chrome zero-day patched by Google in 2025

 | 

U.S. CISA adds TeleMessage TM SGNL flaws to its Known Exploited Vulnerabilities catalog

 | 

Adobe issued critical security updates for Acrobat and Reader PDF

Pierluigi Paganini September 18, 2014

Adobe with a week of delay on the roadmap has released security updates to fix critical vulnerabilities in Acrobat and Reader PDF.

Adobe has finally released critical security updates for its products Reader and Acrobat PDF software. The vulnerabilities fixed with these updates have been targeted by hackers in numerous cyber attacks worldwide.

The security updates for Adobe Reader and Acrobat are available for Windows and Macintosh computers and fix eight vulnerabilities.

adobe security updates

“Adobe has released security updates for Adobe Reader and Acrobat for Windows and Macintosh. These updates address vulnerabilities that could potentially allow an attacker to take over the affected system.” states the Adobe Security Bulletin.

The updates were originally scheduled to be released a week ago, but were delayed due to issues emerged during the development phase.

Five of eight flaws could be exploited by attackers for remote code execution, the other three vulnerabilities are:

  • a sandbox bypass vulnerability and could be exploited by an attacked to escalate privileges on Windows machines.
  • a denial-of-service (DoS) vulnerability related to memory corruption.
  • a cross-site scripting (XSS) flaw that affects only Mac OS.

The vulnerabilities are identified by the following CVE Numbers:

CVE-2014-0560, CVE-2014-0561, CVE-2014-0562, CVE-2014-0563, CVE-2014-0565, CVE-2014-0566, CVE-2014-0567, CVE-2014-0568

The Adobe product versions affected by the vulnerabilities are:
  • Adobe Reader XI (11.0.08) and earlier 11.x versions for Windows
  • Adobe Reader XI (11.0.07) and earlier 11.x versions for Macintosh
  • Adobe Reader X (10.1.11) and earlier 10.x versions for Windows
  • Adobe Reader X (10.1.10) and earlier 10.x versions for Macintosh
  • Adobe Acrobat XI (11.0.08) and earlier 11.x versions for Windows
  • Adobe Acrobat XI (11.0.07) and earlier 11.x versions for Macintosh
  • Adobe Acrobat X (10.1.11) and earlier 10.x versions for Windows
  • Adobe Acrobat X (10.1.10) and earlier 10.x versions for Macintosh
Once the software is updated, the system must be restarted. Adobe has also issued a critical update for Adobe Flash (Windows and Macintosh), Flash browser plugins and Adobe AIR Desktop to fix other critical flaws.
The new versions can be downloaded by using the following links:
Don’t waste time, update your Adobe products.

 

Pierluigi Paganini

(Security Affairs – Adobe products,security updates, Patch Management)

Adobe Adobe Reader Cross-Site Scripting denial-of-service attacks Remote Code Execution Sandbox Bypass

you might also like

Pierluigi Paganini July 08, 2025
IT Worker arrested for selling access in $100M PIX cyber heist
Read more
Pierluigi Paganini July 07, 2025
Taiwan flags security risks in popular Chinese apps after official probe
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

IT Worker arrested for selling access in $100M PIX cyber heist

Cyber Crime / July 08, 2025

New Batavia spyware targets Russian industrial enterprises

Uncategorized / July 07, 2025

Taiwan flags security risks in popular Chinese apps after official probe

Security / July 07, 2025

U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

Hacking / July 07, 2025

Hunters International ransomware gang shuts down and offers free decryption keys to all victims

Cyber Crime / July 06, 2025