Adobe will release a patch this week to close holes in the latest versions of Acrobat and Reader X and XI that hackers are already exploiting.
The patch for two memory corruption flaws affecting Reader and Acrobat on Windows, Mac and Linux machines will be delivered "during the week of February 18, 2013", the company said in an update on Saturday.
Adobe confirmed last week that attackers were targeting Windows users with malicious PDFs that exploited the flaws and allowed them to bypass Adobe's Protected Mode sandbox. Protected Mode was designed to stop malware installing by running processes for displaying PDF files in an isolated container.
The company's workaround for Windows users in the absence of a fix was to enable Protected View, a restrictive mode first introduced in Acrobat 10.1 that limited the software's actions until the user determines whether to trust a PDF. Adobe recommended Reader and Acrobat users set Protected View for "files from potentially unsafe locations", however it also allows them to choose "all files".
A patch will be available for Adobe Reader and Acrobat XI (11.0.01 and earlier) for Windows and Macintosh, X (10.1.5 and earlier) for Windows and Macintosh, 9.5.3 and earlier 9.x versions for Windows and Macintosh, and Adobe Reader 9.5.3 and earlier 9.x versions for Linux.