Adobe has finally released a patch for the critical security vulnerability in Acrobat and Adobe Reader (previously called Acrobat Reader) that I wrote about back in December. I also noted, earlier this month, that there was evidence that the flaw was being exploited in targeted attacks, using “poisoned” PDF documents.
Adobe’s Security Bulletin [APSB10-02] gives further details; all versions of Reader, up to and including 9.2, on all platforms, are vulnerable and require the patch, which can be downloaded here. For more information about the patch for Acrobat, see the Security Bulletin.
Adobe Reader is one of the most commonly installed pieces of software out there, and is therefore an attractive target for the Bad Guys. I recommend installing the patch as soon as you can.