Adobe has released Reader 9.1 and Acrobat 9.1 to address a vulnerability. This vulnerability is due to a buffer overflow condition that exists in the way Adobe Acrobat Reader handles JBIG2 streams. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Adobe has indicated that it is aware of reports of active exploitation.

US-CERT encourages users to review Adobe security bulletin APSB09-03 and update to Adobe Reader 9.1 and Acrobat 9.1. Additional information regarding this vulnerability is available in the Vulnerability Notes Database.

Read more: US-CERT Current Activity