Adobe has issued a security fix for a zero-day vulnerability we recently wrote about affecting Javascript and PDF files in Adobe Acrobat and Adobe Reader 9.1 and earlier. You can get more information about the fix, and download updates on this page.
However, we’ll repeat what we said last week: We’ve been seeing an increasing number of flaws in Adobe Reader and Acrobat, and, since PDFs are so common – many being used to display content on web sites – having a reliable PDF reader is as important as having a secure web browser. For this reason, we strongly recommend that you simply don’t use Adobe Reader, but rather use Apple’s Preview, which is provided with Mac OS X. While Preview has had security issues, there seem to be far fewer than with Acrobat’s PDF tools. If you need to edit PDFs, Adobe Acrobat is hard to replace; you should be attentive, and only use it on PDFs whose provenance you are aware of.
