Fresh off the wire.
From CNET:
Attackers are making the rounds and exploiting a critical security flaw in Adobe Reader 9 and Acrobat 9, Adobe Systems warned Thursday.
Earlier versions of the software are also affected by the critical security flaws, which could cause the Adobe application to crash and potentially allow an attacker to gain control of the user’s system, Adobe warned.
Reports have also surfaced that attackers have developed an exploit and are taking advantage of the security flaws, Adobe notes.
There is currently no fix for the vulnerability but, Adobe expects to have one ready for…March 11th?
Secunia Advisory
Proof of concept code
UPDATE: HD Moore has an excellent write up on this very subject. As well, the Sourcefire VRT team has an explanation of the exploit itself.