Wednesday, December 16, 2009

Adobe to leave Reader unpatched for FOUR MORE WEEKS

We have to wait for a month for this to be fixed???  I'm hoping that if enough "in-the-wild" attacks surface, we'll see a patch sooner.

Adobe PDF attack update: Patch coming Jan 12 | Zero Day |
Here’s a quick update to the Adobe PDF Reader/Acrobat zero-day story that broke yesterday after the company confirmed that an unpatched vulnerabilities was being attacked in the wild.

First up, an exploit has been fitted into the Metasploit point-and-click penetration testing tool and there are predictions that exploit code will be widely available within a day or two.

More importantly, Adobe has finally provided official mitigation guidance and announced plans to ship a patch for this vulnerability on January 12th, 2010.

No comments: