For those of you still getting your PDF fix with Adobe's Acrobat software, you might have been tempted to install an unofficial security patch from security and software firm RamzAfzar. The third-party fix replaces the vulnerable CoolType.dll, addressing a critical Reader bug Adobe disclosed earlier this month.
"We've decided to modify this strcat call and convert it to strncat. Why? Because strncat at least receives the buffer size and how much bytes you want to copy from src do dest," RamzAfzar explains about its patch.
According to Threatpost.com, Adobe confirmed in an email that the unofficial patch does seem to stop vulnerable versions of Reader from crashing, but warns there are always concerns with installing software from unknown sources. As Adobe explains, a DLL is the equivalent to an EXE and users should never install these from an untrusted publisher. In addition, users will have no guarantee that future Adobe updates will work after applying third-party patch jobs. And finally, Adobe warns that altering the DLL might break functionality and could disrupt critical workflows.
But is it really as dangerous as Adobe warns? Maybe, maybe not. The unofficial patch has the backing of at least one security researcher who earlier this week tweeted that it works as advertises, and nothing more.