Adobe has released a blog post indicating that it is aware of reports of a vulnerability affecting Adobe Reader and Acrobat 9.1.2 and Flash Player 9 and 10.
US-CERT encourages users and administrators to review the blog post and implement the following workarounds until the vendor releases additional information:
- Disable Flash in Adobe Reader 9 on Windows platforms by renaming the following files: "%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll" and "%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll".
- Disable Flash Player or selectively enable Flash content as described in the Securing Your Web Browser Document.
US-CERT will provide additional information as it becomes available.