Security 10816 Published by

PC World reports that a homemade patch addresses PDF zero-day bug that Adobe has yet to fix



A little-known security firm has released a home-brewed patch for a critical bug in Adobe Reader that hackers are already exploiting.

RamzAfzar, whose Web site bills it as a penetration testing company, reworked a flawed Adobe dynamic link library, or DLL, to replace the vulnerable "strcat" API call with the more secure alternative, "strncat."
  Adobe Patch Offered by Researchers