Adobe Reader Exploit Circulating

US-CERT Computer Emergency Readiness Team

US-CERT is aware of public reports of active exploitation of a recent Adobe Reader vulnerability. This exploit appears to arrive in the form of a maliciously crafted PDF file and leverages the JavaScript buffer overflow vulnerability addressed in Adobe Security Bulletin APSB08-19. Successful exploitation may allow an attacker to execute arbitrary code or cause a denial-of-service condition. Additionally, the reports indicate that this exploit is currently undetectable by common antivirus applications.

US-CERT encourages users and administrators to do the following to help mitigate the risk:

Review Adobe Security Bulletin APS08-19 and update to Adobe Reader 9.
Use caution when opening untrusted files.
Install antivirus software and keep the virus signatures up to date.

Read more: US-CERT Current Activity

The alerts are updated in real time as they are released.

The Antivirus Advice website
is a collaberation of users, engineers and technical writers to present explaniations of Internet Security threats. It is sponsored by the following companies whose staff contributed to these articles.
Nortons.com

Antivirus Depot