Adobe is aware of reports of a critical vulnerability in Adobe Reader and Acrobat 9.1.3 and earlier (CVE-2009-3459) on Windows, Macintosh and UNIX. There are reports that this issue is being exploited in the wild in limited targeted attacks; the exploit targets Adobe Reader and Acrobat 9.1.3 on Windows.
– Adobe Product Security Incident Response Team (PSIRT)
Adobe Reader and Acrobat issue (2009-Oct-08) [Adobe]
A patch is scheduled for release on October 13.
Adobe is planning to release an update for Adobe Reader 9.1.3 and Acrobat 9.1.3, Adobe Reader 8.1.6 and Acrobat 8.1.6 for Windows, Macintosh and UNIX, and Adobe Reader 7.1.3 and Acrobat 7.1.3 for Windows and Macintosh to resolve critical security issues. Adobe expects to make this update available on October 13, 2009. This update represents the second quarterly security update for Adobe Reader and Acrobat.
– Security Advisory for Adobe Reader and Acrobat APSB09-15 (2009-Oct-08) [Adobe]