All currently supported shipping versions of Adobe Reader (8.1.4, 9.1 and 7.1.1 and earlier) are vulnerable and Windows, Macintosh and Unix platforms are affected, Adobe said.
The company said it would release updates for all the platforms but did not yet have a time frame for that. “We are currently not aware of any reports of exploits in the wild for this issue,” the advisory said.
At the RSA security conference last week, F-Secure Chief Research Officer Mikko Hypponen said Internet users should switch to using an alternative PDF reader because of the security issues with Adobe Reader. A list of them is available on the PDFReaders.org Web site.
Of the targeted attacks so far this year, more than 47 percent exploit holes in Acrobat Reader, while six vulnerabilities have been discovered that target the program, he said.
Just last month, Adobe issued a fix for an Acrobat Reader hole that attackers had been exploiting for months, after issuing a patch for a critical vulnerability in Flash player the month before.