Yet another Adobe Reader vulnerability has been found, which could allow hackers to take control of compromised computers. According to Security Focus, this vulnerability could lead to the following:
An attacker can exploit this issue by supplying a malicious PDF file. Successful exploits may allow the attacker to execute arbitrary code in the context of a user running the affected application. Failed attempts will likely result in denial-of-service conditions.
The Register says that Adobe will not be issuing a patch for the affected software until next Tuesday, and that “Users on … platforms [other than Windows] can insulate themselves from the current attack by disabling javascript from running inside the application,” but added that “Adobe warned it’s possible to design an exploit that works around that measure.”
So, use Preview instead of Adobe Reader, unless you absolutely need Adobe Reader’s features. And stay tuned for info about the patch next week.
Here is information from Adobe regarding this issue.