Another month, and other Adobe software security hole exploit. If you still use Flash, pay attention! This security hole is currently being exploited In-The-Wild.
-> Adobe Flash Player 10.1.85.3 and earlier
-> Adobe Reader 9.4 and earlier 9.x versions
-> Adobe Acrobat 9.4 and earlier 9.x versions
Hackers exploit newest Flash zero-day bug
Those reports came from Mila Parkour, an independent security researcher who notified Adobe early today after spotting and then analyzing a malicious PDF file. According to Parkour, the rigged PDF document exploits the Flash bug in Reader, then drops a Trojan horse and other malware on the victimized machine.Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat
This issue is described in CVE-2010-3654.
Adobe provide a workaround in their 'Security Advisory' article linked above. They have promised to fix the security hole by November 9th.
Darn, Adobe blew their quarterly update schedule yet again. Can you comprehend why Adobe still believe in 'scheduled' security updates?