Adobe has Released a Security Advisory to discuss a Critical Vulnerability affecting Reader and Acrobat 9.1.3 and Earlier on Windows, Macintosh, and Unix Platforms. The vendor reports that the issue is being exploited In-The-Wild in Limited Targeted Attacks. The in-the-wild Exploit targets Reader and Acrobat 9.1.3 on Windows platforms.
A Fix for this issue will be Released in the Adobe Reader and Acrobat quarterly Security Update, which is scheduled to be released on October 13, 2009.
In the meantime, users are advised to:
- Ensure that D.E.P. is Enabled.
- Ensure that JavaScript is Disabled for Reader and Acrobat.
- Ensure that Anti-Virus software is up-to-date.
Adobe Acrobat Reader Remote Code Execution Vulnerability: http://www.securityfocus.com/bid/36600.
A.P.S.B.09-15 Security Advisory for Adobe Reader and Acrobat: http://www.adobe.com/support/security/bulletins/apsb09-15.html.
Adobe Reader and Acrobat Issue: http://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_issue_1.html.