Zero-day exploit bypasses Adobe Reader's sandboxing

[ky331]

researchers said that [a newly discovered 0-day] vulnerability is able to get around the built-in sandboxing protection that Adobe added to its Reader versions X [and XI]

The exploit, [which] is reportedly being used to install banking malware, is also packaged-up in the new version of the Blackhole Exploit Kit, used to distribute the banking Trojans Zeus, Spyeye, Carberp, and Citadel.

http://nakedsecurity.sophos.com/2012/11/08/adobe-reader-zero-day-exploit-thwarts-sandboxing/