Adobe said Thursday that it will release an emergency fix the week of August 16 for a critical hole in Reader that was publicly disclosed at the Black Hat conference last week.
The flaw, which could be exploited to take control of a computer, is related to the way Adobe's PDF (portable document format) reader software handles fonts, said Charlie Miller, principal analyst at Independent Security Evaluators. He disclosed the hole in his presentation on a tool that can be used to figure out the underlying bugs to software crashes, he said.
"I don't give the exploit, but you could take what I provide and turn it into an exploit," he told CNET.
Asked if three weeks was a reasonable time for Adobe to release a patch, Miller said: "I'm kind of surprised how fast they're fixing it."
More: http://news.cnet.com/8301-27080_3-20012817-245.html
The flaw, which could be exploited to take control of a computer, is related to the way Adobe's PDF (portable document format) reader software handles fonts, said Charlie Miller, principal analyst at Independent Security Evaluators. He disclosed the hole in his presentation on a tool that can be used to figure out the underlying bugs to software crashes, he said.
"I don't give the exploit, but you could take what I provide and turn it into an exploit," he told CNET.
Asked if three weeks was a reasonable time for Adobe to release a patch, Miller said: "I'm kind of surprised how fast they're fixing it."
More: http://news.cnet.com/8301-27080_3-20012817-245.html