Unauthorized patches are unusual, but not unheard of. In 2006 and 2007, a group of security researchers who called themselves ZERT (Zeroday Emergency Response Team), issued several unauthorized patches for bugs in Windows and Internet Explorer.
RamzAfar criticized Adobe for not fixing the Reader flaw immediately. "We patched it without having source code in two hours and they need 20 days with code," the company said.
Adobe will release its official update for Reader sometime during the week of Oct. 4.
RamzAfzar's revamped CoolType.dll can be downloaded from the company's site.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, or subscribe to Gregg's RSS feed. His emaill address is firstname.lastname@example.org.
Read more about malware and vulnerabilities in Computerworld's Malware and Vulnerabilities Topic Center.