One of the main functions of Adobe Acrobat is to allow users to create and edit PDF documents. This includes features such as adding text, images, and links to a PDF, as well as the ability to fill ...

Adobe's Acrobat and Acrobat Reader packages are currently under attack from a JavaScript-based exploit, similar to one which afflicted the software back in June.

This week, however, Adobe reacted faster to reports that its software was vulnerable. In February, Adobe acknowledged the bug on Feb. 19, but waited until Feb. 24 to recommend disabling JavaScript.

It is being exploited in the wild. According to an advisory from Adobe, the critical vulnerability exists in Adobe Reader and Acrobat 9.2 and earlier versions. It is being exploited in the wild.

A cybersecurity researcher is urging users to upgrade Adobe Acrobat Reader after a fix was released yesterday for a remote code execution zero-day with a public in-the-wild proof-of-concept exploit.

If nothing else, JavaScript should be disabled by default in Adobe Reader.” Henceforth, Sophos has recommended all users to disable JavaScript in Adobe Acrobat and Reader by default.

Shadowserver said that several “tests have confirmed this is a 0-day vulnerability affecting several versions of Adobe Acrobat [Reader] to include the most recent versions of 8.x and 9.x.