Microsoft, Adobe warn of critical security flaws

Microsoft released patches on Tuesday that repair vulnerabilities in Windows, Office and Internet Explorer, as well as key pieces of software that businesses use in their data centers.

Adobe said in a security bulletin on its website that Reader and Acrobat users should update their software to the newest versions. Additional software is available if those releases are not compatible with a customer's PC.

The maker of design and document imaging software said it has yet to find any malicious software that exploits the vulnerabilities. It classified the risk as "critical," the highest level of risk on its scale evaluating the danger of such threats.

Adobe said the threat applies to users of Windows PCs as well as Apple Inc's Macintosh computers.

Once hackers learn of security vulnerabilities, they quickly develop malicious software to exploit them. Such programs can be used for cybercrimes such as identity theft, sending spam and taking control of computer systems.

Alerting hackers to the flaws presents a challenge for businesses as they need time to test the patches before installing them on their computer systems. They need to make sure that the new software does not interfere with existing programs because patches can sometimes cause systems to crash.

"Patching will be especially challenging for enterprises," Dave Marcus, a senior researcher with McAfee Inc, the world's No. 2 security software maker, said of the Microsoft patches.

It will be easier for consumers to address the threats as they can quickly download patches over the Internet, easily eliminating their exposure to attack. Such patches rarely cause stand-alone PCs to crash.

(Reporting by Jim Finkle; Editing by Steve Orlofsky)