Adobe has finally issued an update for its Acrobat Reader products. This patch updates Adobe Reader to version 8.1.1 and addresses several known issues, one of which is the PDF bug we reported here. Adobe recommends that all Adobe Reader 8 users apply this update.

• Close a potential security vulnerability on Windows XP computers that have Internet Explorer 7 installed (CVE-2007-5020); see the Adobe Security Bulletin (APSB07-18) concerning this issue
• Address several PDF forms-related issues
• Provide additional stability

DOWNLOAD

A critical zero-day PDF bug in Adobe's Acrobat Reader has been discovered. The scenario is that an attacker rigs a PDF file designed to exploit the flaw. He or she distributes it via e-mail or through other means, or hosts it on a Web page. When a user opens the rigged PDF file with a vulnerable application, the user's machine can be loaded with malware that makes it open to a takeover. This PDF vulnerability is even worse than the QuickTime flaw in Mozilla Firefox fixed 2 days ago. Both Mozilla Firefox flaw and PDF bugs have been discovered by Petko D. Petkov, aka pdp. The story comes as warning to all users working with Acrobat Reader. Please be careful until a fix is released. Click here or read Petko's web blog for more information.