Oracle, Adobe Announce First Critical Patches of 2014

[Reefa]

As expected, Oracle and Adobe will release critical patches alongside Microsoft on Tuesday to kick off the year’s inaugural Patch Tuesday batch of security updates.

Adobe is slated to release updates to fix critical vulnerabilities in its Reader and Acrobat products for Windows and Macintosh operating systems.

According to a pre-notification security bulletin posted yesterday on the company’s site, versions of Reader XI from 11.0.05 and earlier and Reader X from 10.1.8 and earlier are vulnerable along with versions of Acrobat XI 11.0.05 and earlier and Acrobat X 10.1.8 and earlier.

Oracle’s quarterly Critical Patch Update will bring a slew of fixes – 147 in total – to 47 of the company’s products, including Java SE.

Speaking of Java SE, this will be the second time Java updates will be been included in Oracle’s quarterly patch roundup. SE, along with SE Embedded, JavaFX and JRockit account for most of the fixes this quarter, 36 of the 147 listed. According to Oracle’s pre-release announcement 34 of those 36 could be remotely exploited without authentication.

Naturally we’ll have to wait until Tuesday to find out more information about the patches and exactly what vulnerabilities they’ll address.

Microsoft has already announced it will patch a Windows XP zero day flaw from late last year on Tuesday along with separate issues in Office and Dynamics AX.

Source