Adobe on Wednesday made available a security update to its Reader and Acrobat software to close two vulnerabilities that are under active attack.
The update for Windows, Mac and Linux users comes about a week after researchers at security firm FireEye revealed that saboteurs were spreading targeted exploits to take advantage of an unpatched flaw in Reader 9.5.3, 10.1.5 and 11.0.1. Shortly after, Adobe confirmed that its software was susceptible to two bugs: CVE-2013-0640 and CVE-2013-0641.
Attacks against the flaws appeared able to bypass sandbox protection that Adobe had put in place.
Users can automatically update their software, and additional patching details are available in a security bulletin from Adobe here.