Emergency Patches for Adobe's Reader and Acrobat

Adobe released emergency patches for Adobe Reader and Acrobat 11, 10 and 9 on Wednesday that address two critical vulnerabilities being actively exploited by attackers. The exploit was discovered by researchers from security firm FireEye in active attacks last Tuesday and was confirmed by Adobe one day later. It's particularly dangerous because it bypasses the sandbox anti-exploitation mechanism in Adobe Reader 10 and 11.

Before releasing the updates, Adobe recommended that users of Adobe Reader 11 turn on the Protected View feature as a temporary mitigation to the existing exploit by choosing the "Files from potentially unsafe locations" option under the Edit > Preferences > Security (Enhanced) menu. This is a protection mechanism only in Adobe Reader 11, but it isn't turned on by default.