Security 10806 Published by

PC World reports that Adobe plugs only part of the hole disclosed in March



An Adobe patch for a well-publicized bug in the company's Reader PDF software doesn't fix the vulnerability, the security researcher who uncovered the flaw confirmed.

Last Tuesday, Adobe shipped an update for Reader and Acrobat, its popular PDF viewing and creation programs, that patched 17 vulnerabilities, including a design issue that gave attackers an easy way to con users into running malware. The bug, which was disclosed by Belgium researcher Didier Stevens in late March, allowed hackers to leverage the "/Launch" function, a feature that executes other software from within a PDF document.
  Adobe Fixes PDF Bug Partially