Here's a quick update to the Adobe PDF Reader/Acrobat zero-day story that broke yesterday after the company confirmed that an unpatched vulnerabilities was being attacked in the wild.
Adobe's Brad Arkin explains the thinking behind waiting until next month to ship the patch.
These are the software versions affected:
- Adobe Reader 9.2 and earlier versions for Windows, Macintosh, and UNIX
- Adobe Acrobat 9.2 and earlier versions for Windows and Macintosh
Here are the temporary mitigation instructions:
Researchers at F-Secure have some additional information on the actual zero-day attacks, which utilize rigged PDF files.