If you missed it, Adobe last week admitted that Acrobat Reader is vulnerable to an attack that exploits a buffer overflow to place a downloader on the victim's PC. The downloader can then download and install a keylogger or other malware.

The company is working with anti-virus vendors such as Symantec and McAfee but announced that a patch will not be available until March 9 or 11.

Surely that's not good enough. High security enterprises such as Wall Street firms already have systems in place that combat downloaders by restricting the access of every device on the network. Anyone with lesser security expects vendors to fix vulnerabilities quickly, initially with a patch that might disable some functionality, and then later with with a software upgrade.