Users of Adobe PDF Reader should check they are running the latest version of
the software after the discovery of an exploit that takes advantage of a serious
flaw patched only three weeks ago.
According to Microsoft’s Threat Research and Response blog, its researchers
have discovered a circulating PDF-based attack that hooks into the publicised
flaw, CVE-2010-0188, to download a Trojan backdoor capable of taking control of
the affected system.
The warning relates mainly to Adobe Acrobat and Reader up to 9.3.0 for
Windows, Apple and Unix. older versions of Acrobat and Reader, 8.2.0 (used by
anyone unable to update to 9.3.x), are also affected on Windows and Apple and
should be patched to 8.2.1.