Adobe warns of a serious vulnerability in its popular Adobe Acrobat and Adobe Reader software
The reported vulnerability is a buffer overflow within a core application plug-in in Adobe Acrobat and Adobe Reader. If this vulnerability were successfully exploited, it could crash the application and allow for remote execution of malicious code on the affected system. Exploitation could involve the creation of malicious PDF files that trigger system infection when opened, potentially giving an attacker complete control of an affected system.
This vulnerability affects Adobe Reader for Windows, Linux, Mac OS, and Solaris; as well as Adobe Acrobat for Windows and for Mac OS. Users are encouraged to update their Adobe Acrobat and Adobe Reader software as soon as possible by following the appropriate update instructions published in the Adobe Reader and Acrobat Security Update.
The free Adobe Reader is installed on a vast number of systems world-wide. However, as it is not part of the Windows update system it is likely that many users do not update this program regularly, increasing the risk of any future infection that exploits this vulnerability spreading fast.
We recommend that users patch their systems by downloading and installing critical updates as soon as possible.
Users are also encouraged to update their antivirus software daily and to install a firewall on their computers, if they do not have one already. For more information on firewalls, please read Microsoft's tutorial on how to protect your PC.