A code injection vulnerability in Adobe Reader and Acrobat 8.1.2 required a quick fix amid reports of an exploit for it in the wild.

Users of Adobe’s Reader and Acrobat products will want to perform an update or upgrade today, depending on the software version they have in place. A JavaScript vulnerability received a Critical rating from Adobe, meriting immediate attention.

“This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system,” Adobe said in its security bulletin. “This update resolves an input validation issue in a JavaScript method that could potentially lead to remote code execution.”

People on versions up to 8.1.2 of Reader and Acrobat may update their products with a security fix, currently available for download. Adobe recommended users of Acrobat and Reader 7 update those products to version 7.1.0.

Via WebProNews

See http://www.securityfocus.com/bid/27641/solution for links to appropriate downloads.