The folks at ShadowServer describe the situation as "very bad."
We did not discover this vulnerability but have received multiple reports of this issue and have examined multiple different copies of malicious PDFs that exploit this issue. This is legit and is very bad.
Here's what we know so far:
We can tell you that this exploit is in the wild and is actively being used by attackers and has been in the wild since at least December 11, 2009. However, the number of attacks are limited and most likely targeted in nature. Expect the exploit to become more wide spread in the next few weeks and unfortunately potentially become fully public within the same timeframe. We are fully aware of all the details related to the exploit but do not plan to publish them for a few reasons:
There currently is no patch or update available that completely protects against this exploit.
There is little to no detection of these malicious PDF files from most of the major Antivirus vendors.