Adobe is investigating reports of a new zero-day attack against its Adobe Acrobat and Reader software that has been spotted in the wild. In a post on the Adobe security blog, the company says, “This afternoon, Adobe received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild.”
Adobe says little more about this vulnerability, but Shadowserver provides more information:
Several tests have confirmed this is a 0-day vulnerability affecting several versions of Adobe Acrobat [Reader] to include the most recent versions of 8.x and 9.x. We have not tested on 7.x, but it may also be vulnerable.