said it plans to release an update by May 12 for the recently disclosed
Reader and Acrobat vulnerability.
In doing so, Adobe will push out Windows updates for Reader and Acrobat versions 7, 8 and 9 and Macintosh and Unix updates for versions 8 and 9, David Lenoe, Adobe's security program manager, said Friday afternoon in a blog post
The company also has confirmed a second vulnerability in its Reader for Unix software, which also is slated to be fixed in next week's update, Lenoe said. That bug does not affect Windows or Mac versions, but Adobe is investigating whether it can "reproduce an exploitable scenario."
Proof-of-concept code for both vulnerabilities has been published on the web; however, Adobe is not aware of any live attacks.
As users await the patches, Adobe has suggested
This is the second major
zero-day PDF flaw to strike the popular viewer this year.