KrebsOnSecurity.com reports Adobe Systems Inc. warned late Friday that malicious hackers are exploiting a previously unknown security hole present in current versions of its Adobe Reader, Acrobat and Flash Player software. ... “There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player and Adobe Reader and Acrobat,” the company said in a brief blog post published Friday evening. “This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system.” ... Krebs writes "Adobe said the vulnerability exists in Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and a component (authplay.dll) of Adobe Reader and Acrobat versions 9.x for Windows, Mac and UNIX operating systems."
Like all Zero-Day exploits, these have a higher than acceptable likelihood of getting past anti-malware products. That's why we recommend that management seriously consider using advanced intrusion prevention solutions capable of blocking zero-day attacks.