According to Adobe’s Security Advisory site there is another error with the Adobe Acrobat Reader program.
For those of you that do not know, when you visit a web site and click on a PDF file link to open it, this is the program that opens that PDF file right in your web browser.
The error is in the actual program itself, which lives on your computer. There is a flaw in the code that leaves you open to possible attack and it is to that fact that Adobe is alerting everyone.
Additionally, this newest error (which is different from the Acrobat error announced last week) has been give Adobe’s highest rating of “critical”. According to Adobe, this is the definition of a critical error:
A vulnerability, which, if exploited would allow malicious native-code to execute, potentially without a user being aware.
They are recommending that you upgrade to the latest version of Adobe Acrobat Reader
OR (not recommended by Adobe ;))
Switch to Brava! PDF reader. This is the one that I use for several reasons and now I have one more reason ;).
If you are a webmaster and want to protect visitors to your website who may click-to-open PDF files that you are publishing, there are some things you can do also.
For IIS 6.0 servers:
For Apache 2.2.3 Servers
Use mod_mime and AddType or mod_rewrite
If you are not comfortable with the above steps, do not attempt them. Alternatively, if you are with a managed host provider, contact them and see if they have taken these steps (probably they have not ;)).