Adobe issues zero-day warning for Reader, Acrobat -- again.
Adobe's improved security efforts have been a welcome change, but it sure seems like they're still not doing enough. Of course, it's also possible that things have been footloose and fancy-free for so long that it's going to take a while to sort out. They've promised sandboxing is coming, and that should help.
In the meantime, however, we're going to see more news like this: there's yet another new exploit which could allow an attacker to remotely exploit code on a compromised machine.
But at least they've identified the hole. That's good.
They also admit they're not sure how to mitigate the vulnerability. That's bad.
Adobe are, however, sharing information with various security firms to that your favorite anti-malware app can protect you. That's... er... something.
Once people like Microsoft, Symantec, and Eset have updated their defenses you should be ok until Adobe sorts things out.
Anyone else having deja vu?