Dubbing the bug "critical," Adobe also acknowledged reports that exploits triggering the bug are already circulating. Both the Windows and Mac editions of the Adobe software require patches.
According to Adobe, versions 8.0 through 8.1.2 of both Reader and Acrobat should be patched; Reader and Acrobat 7.1.0, which were released in February, don't contain the bug and so don't need to be updated. Users still relying on version 7.0.9 or earlier, however, should update to 7.1.0, urged Adobe. Also, Reader 9 and Acrobat 9, which are expected to launch next month, are also not vulnerable.
The patch can be downloaded using links in Adobe's security bulletin.