Adobe Systems Inc. on Wednesday warned of a critical zero-day flaw in its Reader and Acrobat software that could allow an attacker to take over a system.
The vulnerability is reportedly being actively exploited in the wild, Adobe said in its brief security advisory. There is no patch yet available for the flaw.
The flaw exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh, according to Adobe.
Adobe said it is in "the process of evaluating the schedule for an update to resolve this vulnerability."
In a blog post Wednesday afternoon, McAfee researchers reported seeing a zero-day vulnerability in the wild that affects the latest version of Adobe Reader. "This zero-day vulnerability is a typical stack buffer overflow vulnerability and exploitation of this issue is expected to be relatively easy," they wrote.