Critical vulnerability in Adobe Acrobat, Reader: Patch coming March 11
Adobe said that a critical vulnerability resides in Adobe Reader and Acrobat 9 and earlier versions. Unfortunately, Adobe won't be updating Reader and Acrobat 9 until March 11.
Adobe said the vulnerability "would cause the application to crash and could potentially allow an attacker to take control of the affected system."
According to Adobe's advisory, the software vendor plans the following:
Adobe expects to make available an update for Adobe Reader 9 and Acrobat 9 by March 11th, 2009. Updates for Adobe Reader 8 and Acrobat 8 will follow soon after, with Adobe Reader 7 and Acrobat 7 updates to follow. In the meantime, Adobe is in contact with anti-virus vendors, including McAfee and Symantec, on this issue in order to ensure the security of our mutual customers.
For now the best plan would be to update your Acrobat and Reader to 9 so you'll at least be first in line for the patch.