Original release date: December 15, 2009 at 10:29 am
Last revised: December 15, 2009 at 10:29 am

Adobe has stated that they are investigating public reports of a
vulnerability affecting Adobe Reader and Acrobat. Public reports
indicate that exploitation of this vulnerability may occur when a user
opens a specially crafted PDF file. Exploitation of this vulnerability
may result in arbitrary code execution. Public reports currently
indicate active exploitation of this vulnerability.

US-CERT encourages users and administrators to do the following to
help mitigate the risks until the vendor is able to provide an update:
* Review the Adobe blog entry regarding this issue.
* Use caution when opening PDF files from untrusted sources.
* Disable JavaScript in Adobe Acrobat and Reader. To do this, click
“Edit,” then “Preferences” and then “JavaScript,” and uncheck
“Enable Acrobat JavaScript.”

This entry is available at

http://www.us-cert.gov/current/index.html#adobe_reader_and_acrobat_remote