Will not say anything about it
Adobe
today patched a critical vulnerability in its PDF viewing and editing software
that hackers have been exploiting for more than two months.
The outfit has
updated Adobe Reader and Acrobat 9.1 which it says fixes the recent JBIG2
security issue, including the 'no-click' variant of the vulnerability. David
Lenoe, Adobe's security program manager, said in a post to a company blog very
little else but hinted that the flaw might have become a bit of albatross for
Adobe.
Newer exploits that do not rely on a user actually opening a malformed
PDF file have been seen in the wild. According to Adobe, it first knew of the
vulnerability January 16 when an unnamed partner provided it with an exploit
snared in the wild.