Adobe has promised to issue a patch on Friday for a critical flaw in its Reader and Acrobat products currently being exploited in the wild, which could allow hackers to remotely take control of systems.
Adobe said in a security advisory posted last week that the "U3D memory corruption vulnerability" affects Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier 9.x versions for Unix, and Adobe Acrobat X (10.1.1) and earlier versions for Windows and Macintosh.
Since then, reports have circulated that the flaw is being used by hackers to craft spam emails with malicious PDF attachments.
"We have started seeing a small number of targeted samples in Sophos Labs of attackers trying to use this vulnerability in email attachments. The emails are well crafted and look very believable," said Sophos Canada senior security advisor Chester Wisniewski in a blog post last week.
Adobe said at the time that the patch will be ready at some point in the week beginning 12 December, so it is still on track to deliver.
"We are in the process of finalising a fix for the issue and expect to make available an update for Adobe Reader 9.x and Acrobat 9.x for Windows on 16 December 2011," the firm said in an updated advisory.
"Because Adobe Reader X Protected Mode and Adobe Acrobat X Protected View would prevent an exploit of this kind from executing, we are currently planning to address this issue in Adobe Reader X and Acrobat X for Windows with the next quarterly security update for Adobe Reader and Acrobat, currently scheduled for 10 January 2012."
Adobe added that Mac versions of Reader and Acrobat and Adobe Reader 9.x for Unix will also be addressed in the next scheduled update.
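The affected-version ranges and the split patch schedule above translate directly into an inventory check. The following is an added example, not Adobe's or the article's code; the host names, the per-install Protected Mode flag and the helper names are constructed assumptions:

```python
from typing import NamedTuple
# Latest affected version per (product, platform), from the advisory quoted
# above; "earlier versions" is read as any lower dotted version number.
AFFECTED = {
    ("Reader", "Windows"): (10, 1, 1),
    ("Reader", "Macintosh"): (10, 1, 1),
    ("Reader", "Unix"): (9, 4, 6),
    ("Acrobat", "Windows"): (10, 1, 1),
    ("Acrobat", "Macintosh"): (10, 1, 1),
}
PATCH_9X_WINDOWS = "2011-12-16"  # out-of-band fix for Reader/Acrobat 9.x on Windows
PATCH_X_WINDOWS = "2012-01-10"  # next quarterly update covers Reader X / Acrobat X
PATCH_OTHER = "next scheduled update"  # Mac builds and Reader 9.x for Unix

class Install(NamedTuple):
    host: str
    product: str  # "Reader" or "Acrobat"
    platform: str  # "Windows", "Macintosh" or "Unix"
    version: str  # dotted, e.g. "10.1.1"
    protected_mode: bool  # Reader X Protected Mode / Acrobat X Protected View enabled?

def parse_version(text: str) -> tuple:
    """'10.1.1' -> (10, 1, 1); tuples compare in dotted-version order."""
    return tuple(int(part) for part in text.split("."))

def triage(inst: Install) -> str:
    """Verdict for one install: not affected, mitigated, or exposed, plus when a fix is due."""
    version = parse_version(inst.version)
    limit = AFFECTED.get((inst.product, inst.platform))
    if limit is None or version > limit:
        return "not affected"
    if inst.platform != "Windows":
        return f"exposed; fix due in {PATCH_OTHER}"
    if version[0] >= 10:
        if inst.protected_mode:
            return f"mitigated by Protected Mode/View; fix due {PATCH_X_WINDOWS}"
        return f"exposed (Protected Mode/View off); fix due {PATCH_X_WINDOWS}"
    return f"exposed; fix due {PATCH_9X_WINDOWS}"

def triage_inventory(inventory) -> dict:
    """Map each host name to its verdict."""
    return {inst.host: triage(inst) for inst in inventory}

# Constructed sample inventory (hypothetical hosts) for a stand-alone run.
SAMPLE = [
    Install("ws01", "Reader", "Windows", "9.4.6", False),
    Install("ws02", "Reader", "Windows", "10.1.1", True),
    Install("mac01", "Acrobat", "Macintosh", "10.1.1", False),
    Install("ws03", "Reader", "Windows", "10.1.2", False),
]
```

Hosts reported as "exposed" are the ones that need either the 16 December update or Protected Mode/View switched on until the January update lands.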
Security admins have already had a busy week in the run-up to Christmas, after Microsoft issued 13 bulletins on Tuesday covering 20 flaws, three of them critical.