Dubbing the bug “critical,” Adobe also acknowledged reports that exploits triggering the bug are already circulating. Both the Windows and Mac editions of the Adobe software require patches.
Adobe Reader is the company’s popular, free PDF viewer, while Acrobat is its for-a-fee application for creating and managing documents in that format.
According to Adobe, versions 8.0 through 8.1.2 of both Reader and Acrobat should be patched; Reader and Acrobat 7.1.0, which were released in February, don’t contain the bug and so don’t need to be updated. Users still relying on version 7.0.9 or earlier, however, should update to 7.1.0, urged Adobe. Also, Reader 9 and Acrobat 9, which are expected to launch next month, are also not vulnerable.
The patch can be downloaded using links in Adobe’s security bulletin.