Adobe Reader and Acrobat security update coming
There have been reports of an unpatched critical vulnerability in Adobe Reader and Acrobat 9.1.3 and earlier that is being exploited in the wild. Although the vulnerability affects Windos, Mac OS X and UNIX, the reports refer only to to Adobe Reader and Acrobat 9.1.3 on Windows.
Adobe is aware of the issue and plans to resolve it in the upcoming Adobe Reader and Acrobat quarterly security update, scheduled for release on October 13.
Adobe Reader and Acrobat 9.1.3 customers with DEP enabled on Windows Vista will be protected from this exploit.
Disabling JavaScript also mitigates against this specific exploit, although a variant that does not rely on JavaScript could be possible.