Acrobat Vulnerabilities Fixed -- Adobe has released Adobe Reader 7.0.2 and Adobe Acrobat Standard/Professional 7.0.2 for the Macintosh, in part to fix a pair of security vulnerabilities and to improve form handling. In one vulnerability, a malicious JavaScript embedded within a PDF file could launch an arbitrary application on your Mac, at least as long as the exact application and path name is known in advance by the attacker. In the second vulnerability, the updater for Adobe Reader and Acrobat could either elevate the permissions of a pre-existing Safari Frameworks folder or create such a folder with elevated permissions.

<http://www.adobe.com/support/techdocs/ 331709.html>
<http://www.adobe.com/support/techdocs/ 331711.html>

The free 7.0.2 updaters work only on version 7.0.1; if you haven't already updated from 7.0 to 7.0.1, you must do so before updating to 7.0.2. You can either download the updates manually from the URLs below or use the Check for Updates Now command in the Help menu of each program, after which the Adobe Update Manager application will download and install the update automatically. The Adobe Reader update is an 11.2 MB download; the Acrobat Standard/Professional downloads check in at 99.6 MB. [ACE]

<http://www.adobe.com/support/downloads/ product.jsp?product=10& amp;platform=Macintosh>
<http://www.adobe.com/support/downloads/ product.jsp?product=1& amp;platform=Macintosh>