Patches Despatches

In a previous blog relating to Acrobat vulnerabilities, I suggested that you might want to sign up for Adobe’s alerts service. I did, but still haven’t received any news from it. However, it appears that The Register (or one of its sources) did, so I’m nevertheless aware that Adobe has released updates to address the problems we’ve flagged previously several times previously (,,

In case Adobe isn’t speaking to you either, you might want to hotfoot it over there and update to Reader 9.1 (and, if you’re using Acrobat 9, go to Acrobat 9.1). Adobe also says it is "planning to make available updates for Adobe Reader 7 and 8, and Acrobat 7 and 8, by March 18…[and] Adobe Reader 9.1 for Unix by March 25".

Meanwhile, Microsoft has released one critical update and two important updates: as discussed previously, there’s no update yet for the  Excel vulnerability we’ve also discussed here and here and even here.  Don’t panic: I’m sure there’ll be one along eventually.

Director of Malware Intelligence

Author David Harley, ESET

  • Andrew Carpenter

    Adobe Reader 9.1 is still shipping with an insecure component! When installed, Reader 9.1 also installs Adobe Air which is insecure. The patched version is 1.5.18210.

  • I am finally getting another PDF reader to replace Acrobat. Acrobat Reader has become so bloated, the installation of the ASK toolbar is set to default, and Adobe seems rather cavalier about security. I believe F-Secure has also recommended a change to another reader. There are PDF standards now, and users do have alternatives to both Reader and Acrobat.


  • David Harley

    If you’re thinking about foxit, be sure to get the patches:

Follow us

Copyright © 2017 ESET, All Rights Reserved.