Adobe Flash Zero-Day Vulnerability

Adobe is currently investigating reports of a vulnerability in its Flash and PDF reader applications. The vulnerability lies in Adobe Flash Player which is used by web browsers and Adobe Reader to display Flash content. The vulnerability can be exploited via a malicious web page or a PDF file with an embedded flash exploit. Because the flash exploit can be embedded in a PDF file it is possible for attackers to target victims using PDF attachments in Email. 

The vulnerable products are Adobe Reader and Acrobat 9.1.2 and Adobe Flash Player 9 and 10.

A patch is not yet available however users can help protect themselves from malicious websites by disabling JavaScript in their browser or by using the NoScript plugin for Firefox. Users can also protect themselves from PDF files with the embedded flash exploit by using an alternative PDF viewer.

Additional information and steps for disabling flash can be found here.