A critical vulnerability has been identified in Adobe Reader 9.1 and Acrobat 9.1 and earlier versions. This vulnerability (CVE-2009-1492) would cause the application to crash and could potentially allow an attacker to take control of the affected system. As of June 4, 2009, there are reports that this issue is being exploited. A second vulnerability has also been reported that appears to affect Adobe Reader for UNIX only (CVE-2009-1493).

Adobe recommends users of Adobe Reader 9.1 and Acrobat 9.1 and earlier versions update to Adobe Reader 9.1.1 and Acrobat 9.1.1. Adobe recommends users of Acrobat 8 update to Acrobat 8.1.5, and users of Acrobat 7 update to Acrobat 7.1.2. For Adobe Reader users who can’t update to Adobe Reader 9.1.1, Adobe has provided the Adobe Reader 8.1.5 and Adobe Reader 7.1.2 updates.

Adobe Reader

The above information was taken from http://www.adobe.com/support/security/bulletins/apsb09-06.html.

Copyright © 2009 Adobe Systems Incorporated. All rights reserved.