A critical vulnerability exists in Adobe Reader and Acrobat 9.3.4 and earlier versions.
Adobe has announced it it will release security patches to address a vulnerability in its Reader and Acrobat products during the first week of October, in an accelerated release of its next quarterly security updates.
The vulnerability has been categorised as critical, and exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and in Adobe Acrobat 9.3.4rand earlier versions for Windows and Macintosh. This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild.
Current exploits in the wild target the Windows platform. Customers using Adobe Reader or Acrobat 9.3.4 or earlier on Windows can mitigate the potential exploit by using Microsoft’s Enhanced Mitigation Evaluation Toolkit (EMET).
This advisory contains information released by Adobe. Some of the information may have changed since it was released, please see http://www.adobe.com/support/security/advisories/apsa10-02.html for further information.
For more information on using EMET see http://blogs.technet.com/b/srd/archive/2010/09/10/use-emet-2-0-to-block-the-adobe-0-day-exploit.aspx