Adobe has released a new version of its Acrobat and Reader software that fixes two software vulnerabilities that are being exploited in the wild.
The release closes two security holes reported by security researchers last week that affect versions nine, X and XI of Reader and Acrobat for Linux, Mac OS X and Windows.
The "critical" vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.
Adobe said it has evidence of these flaws being exploited in the wild on Mac and Windows systems and recommended administrators install the update as "soon as possible". Adobe ranked the vulnerabilities as lower risk on Linux systems as there are currently no known exploits, recommending administrators update within 30 days.
More information on the holes, a memory corruption vulnerability CVE-2013-0640 and a buffer overflow vulnerability CVE-2013-0641, are available in Adobe's security advisory.
The emergency fixes follow two Flash Player zero-days that were being exploited by attackers in spear-phishing campaigns, and for which Adobe issued out-of-band fixes two weeks ago.