Adobe Warns of Reader, Acrobat Attack: "itwbennett writes "Monday afternoon, Adobe 'received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild,' the company said in a post to the company's Product Security Incident Response Team blog. According to malware tracking group Shadowserver, the vulnerability is due to a bug in the way Reader processes JavaScript code. Several 'tests have confirmed this is a 0-day vulnerability affecting several versions of Adobe Acrobat [Reader] to include the most recent versions of 8.x and 9.x. We have not tested on 7.x, but it may also be vulnerable,' Shadowserver said in a post on its Web site. The group recommends that concerned users disable JavaScript within Adobe's software as a work-around for this problem. (This can be done by un-checking the 'Enable Acrobat JavaScript' in the Edit -> Preferences -> JavaScript window). 'This is legit and is very bad,' Shadowserver added."
Read more of this story at Slashdot.