According to Adobe, its Reader 9.3 for Windows, Apple Mac and Unix, along with Acrobat 9.0, Reader 8.2 and Acrobat 8.2 for Windows plus Apple Mac, are vulnerable to the first potentially serious security flaw.
The second flaw could – under the right circumstances – give hackers the opportunity to inject malicious code using flaws in Adobe Reader and Acrobat for Windows, Apple Mac and Unix.
Graham Cluley, senior technology consultant with Sophos, has spotted the fact that the Apple Mac URL actually links to a page full of Windows files.
"A not entirely helpful link for Mac users", he said in his blog posting, adding that: "Hopefully Adobe will sort that out soon, and make it clearer where users can download the right patches for their operating system from. I, for one, am still finding it difficult to locate Adobe Reader 9.3.1."
Infosecurity also notes that Adobe was – as of lunchtime today – still offering Adobe Reader 9.3.0 on its official download site, despite the fact that the two security vulnerabilities have been detected in this edition.
The best option seems to be to install Adobe Reader 9.3.0 and then the security update to patch the software up to version 9.3.1.