Adobe has announced that tomorrow it will release out-of-band patches for Reader 9.4 (and earlier 9.x versions) for Windows, Mac and UNIX, and Acrobat 9.4 (and earlier 9.x versions) for Windows and Mac to fix critical security issues.

The patch will fix the vulnerabilities CVE-2010-3654 and CVE-2010-4091.

Adobe issued a notification Oct. 28 that CVE-2010-3654 could cause Reader and Acrobat to crash and allow an intruder to take control of the affected system. Adobe said the flaw was being actively exploited.

More: http://sunbeltblog.blogspot.com/2010/11/adobe-out-of-band-patch-for-reader-and.html