New zero-day vulnerabilities found in Adobe Flash, Reader, and Acrobat
Affected are Flash Player 10.1.85.3 and earlier on Windows, Mac, Linux and Solaris; Flash Player 10.1.95.2 and earlier for Android; Adobe Reader 9.4 and earlier 9.x versions for Windows, Mac and Unix-based operating systems; Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Mac.
Adobe is working to patch this vulnerability and is hoping to have an updated version of Flash for Windows, Mac, Linux and Android by November 9. Updates (that will include the patch) for Adobe Reader and Acrobat are expected during the week of November 15 for Windows and Mac OS X.
Unfortunately, this will no doubt prove to be a popular attack vector for malware authors until the updates arrive. Hopefully Adobe will respond more quickly to such cases in the future.