Adobe has announced that it is to release a patch for the vulnerability announced earlier this week in its Reader and Acrobat products.
In a bulletin update, it recommended customers follow the mitigation guidance given, and said that it plans to make available an update to Adobe Reader and Acrobat by 12th January 2010 to resolve the issue – meaning that the vulnerability could remain unpatched for a month from its first announcement.
Meanwhile Zscaler has announced that it has deployed protection for its customers from the vulnerability. Its vice president of security research, Michael Sutton, said: “Thanks to Zscaler's global cloud with 40 data centres, we were able to rapidly deploy protections to our customers.
“This sort of rapid and encompassing protection is something that is missing in lots of organisations today. Enterprises need to be proactive in their defence, and not merely wait for software vendors to announce availability of a patch.”