I think its one of those immutable laws of security: The day you finish patching a product, a new patch will be released. Perhaps it just seems that way because of Quicktime.
We just sent out notices last week for our users running Adobe Acrobat (not reader) to update. While I deploy Adobe Reader updates since its part of the default install, users have installed Adobe Acrobat on their own, thus they need to patch. Left to their own devices many were found to still be running 7.0 or worse yet 6, or worse yet 5.
Since we’ve made good progress, it only makes sense that anyone running 8.1.2 will need to update again.
From the adobe bulletin:
A critical vulnerability has been identified in Adobe Reader and Acrobat 8.1.2. This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system.
Adobe recommends users of Acrobat 8 and Adobe Reader install the 8.1.2 Security Update 1 patch.
Fortunately 7.1.0 users are already cool.