Adobe on Tuesday released a mega patch with 23 security fixes for its Reader PDF viewer, most of which are ranked as critical. The patch set a record for 2010 (um, woot?) though didn't quite topple Adobe's previous record of 29 bug fixes in October 2009.
"Adobe is hitting customers with a double whammy today," said Andrew Storms, director of security operations at nCircle Security. "Adobe products continue to be at the top of the target list for malware writers. They patched a zero-day flaw in Flash in late September, and today they are releasing their quarterly Acrobat update ahead of schedule because of another zero-day."
Out of the 23 updates, 20 of them "could lead to code execution," according to Adobe's security bulletin . The patch also plugs up a hole first revealed on September 7 by Mila Parkour, who reported the attack after discovering some funny business with PDFs attached to emails.