Adobe to Rush Out Emergency Patch for Reader, Acrobat

By Kara Reeder | Aug 6, 2010 | Print this Page
http://www.enterprisenetworkingplanet.com/netsecur/adobe-rush-out-emergency-patch-reader-acrobat
According to CNET News, Adobe will release an emergency fix during the week of August 16 for a critical hole in Reader and Acrobat that was publicly disclosed by researcher Charlie Miller at the Black Hat conference.

The bug is related to the way the software handles fonts. Says vulnerability tracker Secunia:

This can be exploited to corrupt memory via a PDF file containing a specially-crafted TrueType font. Successful exploitation may allow execution of arbitrary code.

Adobe's advisory says that the update will fix an undisclosed number of critical issues in Reader 9.3.3 for Windows, Mac, and UNUX; Acrobat 9.3.3 for Windows and Mac; and Reader 8.2.3 and Acrobat 8.2.3 for Windows and Mac.