Acrobat and Reader Updates: APSB12-08

Today Adobe released security updates for Adobe Acrobat and Adobe Reader.

An entry to the Adobe Secure Software Engineering Team (ASSET) Blog discusses several aspects of this security bulletin.

First, Acrobat and Reader 9 will no longer be using a special version of Flash bundled with those products.   Instead they will look to use what I call the plugin version of Flash.   That is the version for non-Microsoft browsers other than Chrome (Firefox, Opera, etc).   Chrome bundles its own special version of Flash.

Adobe has written the Netscape Plugin Application Programming Interface (NPAPI) to allow Acrobat and Reader to access the plugin based Flash in your Operating System.

The good news is no longer will you have to install an update to Acrobat or Reader every time there is a Flash update.   The bad news is this is only applicable to version 9.   Version 10 is still being developed.  The other bad news is if you don’t have the plugin version of Flash installed, you will be prompted to install it if you open a PDF with Flash content.

In general having Reader and Acrobat X is much more secure than having 9.   But if you’re hanging on to 9 for some reason this is good news for you.

Adobe announced that no longer will they have quarterly patches by default.   Instead scheduled releases may occur on Microsoft patch Tuesdays.   They will preannounce three days ahead of time if a patch will occur that month.   So-called out-of-band updates will be released as necessary.   I read this at less frequent Adobe Acrobat and Reader patches.

Check the Adobe ASSET blog for information.