Security flaw in Adobe plug-in

News of a significant security vulnerability in earlier versions of Adobe Reader and Acrobat has come to light.

The vulnerability exists in nearly any browser with the Acrobat Reader plug-in installed and allows malicious Javascript code to be injected on the client side.

Possible attacks that could be delivered using the flaw include session riding, cross-site scripting attacks and, in the case of Internet Explorer, denial of service attacks.

An upgrade to Reader 8 is recommended.