December 15, 2011
Out-of-band fix for Adobe Reader security issue coming Friday
Adobe on Friday plans to issue an emergency patch to fix a critically rated, zero-day vulnerability in its Adobe Reader and Acrobat software that is being exploited in limited and targeted attacks. Friday's update will be available for Reader and Acrobat 9 for Windows. Because the bug is mitigated by Protected View functionality, the company plans to wait until its next quarterly security update on Jan. 10 to patch Reader and Acrobat X, its most current version. Attackers have already attempted to leverage the memory corruption flaw to infiltrate Lockheed Martin, among other companies. The defense contractor, which reported the bug to Adobe, said it did not experience a breach as a result of the attempted intrusion.