On Wednesday, we learned that experts had identified new zero-day vulnerabilities affecting the latest versions of Adobe Reader and Acrobat. Adobe is looking into the issue, but in the meantime, it recommends that users apply some mitigations.
Customers of Reader XI and Acrobat XI for Windows are advised to enable Protected View by choosing the “Files from potentially unsafe locations” option from the Edit > Preferences > Security menu.
Adobe also provides instructions for enterprises on how to enable Protected View.
Considering that the flaws can be exploited to execute arbitrary code and take over a computer, users are advised to apply the settings recommended by Adobe as soon as possible.
If you want an even better level of protection, take the advice provided by F-Secure experts. They say users should enable Protected View for all files, not just ones from potentially unsafe locations.
In the meantime, FireEye, the company that discovered the latest security hole, has published additional details on the exploit.