At the start of the month of June Adobe announced that Adobe Flash Player, Adobe Reader and Adobe Acrobat are all plagued by a vulnerability that, if exploited by a person with malicious intent, could give the attacker control of the targeted machine. Adobe said that the vulnerability affects the following products:

- Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris.
- Adobe Reader 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX
- Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX.

The California-based company that specializes in creating multimedia and creativity software products said that it would plug the Flash Player security hole by June 10 – and so it did with the release of Adobe Flash Player 10.1. As a little side note, Flash Player 10.1 plugged more than 30 security holes. Adobe also said it would plug the Reader and Acrobat security hole by June 29 – and did so the other day.

Adobe has rolled out Adobe Reader 9.3.3 and Adobe Acrobat 9.3.3. For users who cannot get Reader or Acrobat 9.X, Adobe has rolled out Reader 8.2.3 and Acrobat 8.2.3. The latest version of Adobe Reader and Adobe Acrobat, plug a grand total of 17 security holes.

If you want to stay safe and secure, then you are well advised to update to Adobe Reader/Acrobat 9.3.3 or Adobe Reader/Acrobat 8.2.3. These latest versions plug several critical security holes (17 security holes in total, just to put things in perspective), including a memory corruption vulnerability that is being actively exploited in the wild. All the security vulnerabilities that Adobe Reader/Acrobat 9.3.3 or Adobe Reader/Acrobat 8.2.3 plug lead to code execution, or could lead to code execution.

Additional details on this topic are available in this Adobe Security Bulletin.