Adobe is moving up the release date for the patch for the critical bug in Reader and Acrobat and will now push the fix out on Oct. 5 instead of the following week. The flaw was disclosed last month and has been the target of attacks for several weeks now.
The company said on Thursday that it has moved the patch release up by a week and as a result, Adobe won’t be releasing any other patches for Reader or Acrobat on its regularly scheduled release day of Oct. 12.
“Adobe is planning to release updates for Adobe Reader 9.3.4 for Windows,
Macintosh and UNIX, Adobe Acrobat 9.3.4 for Windows and Macintosh, and
Adobe Reader 8.2.4 and Acrobat 8.2.4 for Windows and Macintosh to
resolve critical security issues. These issues include CVE-2010-2883 referenced in Security Advisory APSA10-02 and CVE-2010-2884 referenced in the Adobe Flash Player Security Bulletin APSB10-22. Adobe expects to make these updates available on October 5, 2010,” Adobe said in its advisory.
Adobe doesn’t release technical details of the vulnerabilities it’s planning to patch, but the bug in Reader and Acrobat can cause the applications to crash and allow an attacker to take complete control of the machine.