Adobe has warned of attacks on a zero-day flaw in its Reader, Acrobat and Flash applications.
The company has not released a patch, but has issued a workaround for IT administrators to ward off intruders. Danish security analysts Secunia rated the flaw as extremely critical.
Adobe said in a security advisory that the vulnerability could cause a crash and potentially allow an attacker to take control of the affected system.
"There are reports that this vulnerability is being actively exploited in the wild against Adobe Reader and Acrobat 9.x. Adobe is not currently aware of attacks targeting Adobe Flash Player," the firm said.
All versions of Flash on Windows, Mac, Linux and Android are vulnerable, which also affects the Authplay component of Reader and Acrobat 9.x that renders Flash in PDFs.
A full patch for Reader and Acrobat is expected by 15 November and the Flash flaw will be fixed a week earlier, according to Adobe.
Adobe released a fix yesterday for a previous flaw in Shockwave for Windows and Macintosh.
Claims to have "the most competitive logic density" in the industry
Dell's high-end mobile workstations upgraded with Intel Coffee Lake CPUs
Webstresser admins were also arrested in the UK, Croatia, Canada and Serbia
Security firm claims that 117,638 sites out of 135,035 analysed contain serious security flaws