An Adobe patch for a well-publicized bug in the company’s Reader PDF software doesn’t fix the vulnerability. The security researcher who uncovered the flaw confirmed that the patch didn’t fix it. The bug allowed hackers to leverage the /Launch” function, a feature that executes other software from within a PDF document. Adobe admitted its blacklist wasn’t foolproof, and said it was looking into Tung’s and Stevens’ bypass techniques. The updated Reader and Acrobat programs can be downloaded using the security advisory Adobe published last week.”]
Source: https://www.csoonline.com/article/2125201/adobe-fails-to-fully-fix-pdf-bug.html