Adobe Reader 7.0.8 is out. The release notes indicate:
Security: several security bug fixes have been made, including one considered critical
According to Adobe a Critical vulnerability is “A vulnerability, which, if exploited would allow malicious native-code to execute, potentially without a user being aware.”
Why must Adobe be so mysterious? These vendors that hide critical security flaws behind “unspecified bug fixes” really annoy me. I have no way to know how important this patch is for my environment. Its like a product recall. They want to just update you silently because otherwise they’ll get bad press for having a security flaw.