Adobe warns that hackers are exploiting a vulnerability in the latest versions of Adobe Reader and Acrobat to get an access to computers running Microsoft Windows.
The vulnerability was discovered by representatives of Lockheed martin’s computer incident response team and the Defense Security Information Exchange. Both organizations explore security threats targeting military contractors and organizations. The discovered vulnerability corrupts memory involved with the U3D, or Universal 3D, file format.
Adobe said in its advisory that vulnerability is “being actively exploited in limited, targeted attacks in the wild”, but didn’t provide the details.
Attackers are exploiting the vulnerability only in reader 9.x on Windows. Still all other supported versions of Adobe and Acrobat are vulnerable.
The emergency update for Reader 9.x and Acrobat 9.x will be published no later than the end of the next week. All other versions of Reader and Acrobat running Windows and Unix platforms will be delivered on January 10, the date of Adobe’s next scheduled patch release.
