PCMagazine: Patch Your Copy Of Adobe Reader Now
Adobe has classified the bugs fixed by this patch, which was issued outside the company’s regular schedule for security patches, as critical. They also effect Acrobat, the full PDF-creation application from Adobe.
“Adobe last week patched two vulnerabilities in its popular Reader PDF viewing software, including one that went public last month at the annual Black Hat security conference.
Two weeks ago, Adobe promised to fix the Black Hat vulnerability with an emergency, or ‘out-of-band’ security update.
That vulnerability was disclosed by researcher Charlie Miller at July’s Black Hat event in Las Vegas, where he demonstrated how the open-source BitBlaze toolkit could boost bug-hunting productivity. Miller, an analyst with Baltimore-based Independent Security Evaluators and a well-known vulnerability researcher, said the bug was in Reader’s and Acrobat’s font parsing.”