Important: Acrobat 9.3 and Acrobat 8.2 Updates Available

Adobe just released updates to both Acrobat and Adobe Reader versions 8 and 9.

Both updates include some bug fixes and critical security updates.

If you manage your own computer, the easiest way to get the update is to choose Help—> Check for Updates.

Close Acrobat after the update begins.

If you don’t manage your computer, please contact your IT department.

You can get more information here about the updates below:

Release Notes for 9.3
Technote 52073
Release Notes for 8.2
Technote 52074
About the Security Updates
APSB10-02
Information on Application Security Control
Application Security Wiki

Important: Still using Acrobat or Reader 7?

Adobe no longer supports or patches for Acrobat/Reader 7 and earlier.

These versions and all previous versions are missing critical updates and users are recommended to upgrade.

For more information, see Adobe Support Policies.

NOTE: As described in Adobe’s Supported Product Versions, Adobe Acrobat Professional 7.x and Adobe Reader 7.x support ended on December 28, 2009.

Read on to learn more about why it is important to keep Acrobat up to date.

Why Keep Acrobat Up-to-date?

Adobe Reader and Acrobat are an interesting target to hackers in some ways. These products have some browser-like capabilities, connect to the internet and interact with the file system.

I’ve previously written about how Acrobat can be extended via JavaScript to add all sorts of new capabilities. Indeed, there are a great many customers who take advantage of this.

Unfortunately, JavaScript can be used in some malicious ways. Hackers try to embed JavaScript in a document which could deliver a malicious payload.

To help you keep your software up to date, the Adobe Updater periodically checks with our servers and alerts you if a new update is available. You can also check yourself at any time by choosing Help—> Check for Updates.

It is alarming to me how many customers I talk to do not keep Acrobat up to date.

Quite simply, not patching is bad. You put you, your clients and your organization at risk by not keeping your software up to date.

Security Alerts

If you are in IT or just curious, you can sign up for the Adobe Security Notification Service.The Adobe Security Notification Service is a free e-mail notification service that Adobe uses to send information to you about the security of Adobe products. You can unsubscribe at any time.

Security Blogs

Adobe has several Security-related blogs which are interesting reads, especially if you are on the geeky side.

The Security Matters Blog offers general insights about Adobe products and security.

The Adobe Reader Blog often covers security topics and will definitely be of interest to IT folks who deploy Reader.

Adobe Product Security Incident Response Team (PSIRT) has a blog that covers security across all Adobe products or interactions with operating systems and other tools.

Comments are closed.