Adobe not planning to close critical vulnerability in Reader until January
The vulnerability can be exploited to inject and execute code on vulnerable systems and can be triggered simply by opening a crafted PDF file. Virus authors have so far limited themselves to distributing such files via targeted emails only, samples of which have been published by F-Secure on their blog.
For Mac OS X and Linux users, Adobe has provided instructions for blacklisting the vulnerable function.
- Security Advisory for Adobe Reader and Acrobat, report from Adobe.
- Attacks on unpatched vulnerability in Adobe Reader and Acrobat, a report from The H.