There are two current unpatched flaws in Adobe Reader/Acrobat and Adobe Flash. Your computer can get pwned just by previewing a PDF in your browser or viewing a flash video.
http://www.adobe.com/support/security/advisories/apsa10-02.html
http://www.adobe.com/support/security/advisories/apsa10-03.html
Due to the potential for drive-by malware infections, these two vulnerabilities are [highlight]extremely serious.[/highlight] I would recommend taking defensive action right now before widespread exploitation occurs (only a matter of days, working exploit code is already public.)
And of course follow standard secure computing practices like keeping all of your software completely up-to-date.
http://www.adobe.com/support/security/advisories/apsa10-02.html
http://www.adobe.com/support/security/advisories/apsa10-03.html
Due to the potential for drive-by malware infections, these two vulnerabilities are [highlight]extremely serious.[/highlight] I would recommend taking defensive action right now before widespread exploitation occurs (only a matter of days, working exploit code is already public.)
- Apply Microsoft EMET mitigations to your Acrobat Reader process and your browser process to block the PDF exploit. I have no information yet if this is effective against the Flash exploit.
- Run your browser in a limited rights context with a tool such as Sandboxie (payware) or the sandbox functionality of Comodo Internet Security (freeware.)
- Block all Flash in your browser by default. Be extremely conservative when allowing a site until a working fix is posted by Adobe or third-parties.
And of course follow standard secure computing practices like keeping all of your software completely up-to-date.