Adobe today announced that it will release updates for Adobe Reader and Acrobat for Windows and Mac next Tuesday. These updates should fix several critical vulnerabilities that allow an attacker to execute random code on a computer.
Opening a malicious PDF is sufficient to become infected. Where previously PDF vulnerabilities were mainly abused in targeted attacks, currently mainly vulnerabilities in Microsoft Office are exploited. That's also reflected in the priority Adobe has given the patches, namely priority 2.
This means the company is not aware of any attacks exploiting the vulnerabilities and is also not expecting any attacks. Adobe advices to install the patches that are released next Tuesday within 30 days.
