Adobe published first patches for zero-day vulnerabilities in Acrobat and Reader. Flaws are actively exploited by cybercriminals.
Vulnerabilities are due to flaws in processing U3D files that allow attackers to take control over user’s system. Also a critical flaw was found that crashes memory when processing PRC files.
Adobe pulished updates for Reader 9.x and Acrobat 9.x for Windows. The company said that defensive technologies used in Reader X and Acrobat X stopped attacks so patches would be published on January 10th.

source: Heise Online
19.12.2011