Adobe released Acrobat and Adobe Reader 9.4 on Wednesday to address what the company is calling critical security flaws that could let a remote attacker gain control of user’s computers. The vulnerability is apparently already being exploited on Windows-based PCs, but there aren’t any reports of attacks on Mac OS X computers.
A security hole In Acrobat and Adobe 9.3.4 and earlier could allow attackers to cause application crashes on victim’s computers, as well as take control of remote computers. The flaws are also in Acrobat and Adobe Reader 8.2.4 and earlier.
The security updates were released ahead of Adobe’s usual cycle by about a week, so the next scheduled quarterly security update isn’t scheduled to hit until February 8, 2011.
The security updates for Acrobat and Adobe Reader 9.3.4 and Acrobat and Adobe Reader 8.2.4 are available via the application’s built-in update utility, or at the Adobe Support Web site.