Adobe ha reconocido su existencia y su gravedad, ya que se trata de una vulnerabilidad crítica que permite apoderarse de un equipo con Windows XP, Explorer 7 y Adobe 8.1 (y anteriores) sin más que abrir un pdf malformado...

A la espera de un parche definitivo, Adobe ha publicado la forma de evitar temporalmente el riesgo mediante la modificación del registro de Windows. Sin embargo, se trata de una nueva manifestación del bug en el manejo de URIs maliciosas, que continúa en el tejado de Microsoft, pero que esta empresa se niega a solucionar, alegando que es muy difícil de resolver, puesto que le obligaría a rehacer todas sus aplicaciones.

(Kirptópolis) Como consecuencia, la política de Microsoft al respecto es que cada fabricante parchee su producto para filtrar las posibles entradas maliciosas que le envíe Explorer.

Esta vulnerabilidad (que no afecta a Vista) ha producido ya problemas similares en Firefox, Skype, Netscape, Miranda IM, mIRC y -ahora- Adobe Reader.

A continuación les dejamos la solucion de adobe.com

To protect Windows XP systems with Internet Explorer 7 installed from this vulnerability, administrators can disable the mailto: option in Acrobat, Acrobat 3D 8 and Adobe Reader by modifying the application options in the Windows registry. Additionally, these changes can be added to network deployments to Windows systems.

Disclaimer: This procedure involves editing the registry. Adobe doesn't provide support for editing the registry, which contains critical system and application information. Make sure to back up the registry before modifying it. For more information about the registry, refer to Windows Help.

   1. Exit Adobe Reader or Acrobat.
   2. Open RegEdit. On Windows XP, go to Start > Run, type in regedit and click OK.
   3. Choose File > Export.
   4. Select Local Disk C for the Save in: location.
   5. Type backup for File Name.
   6. Choose All for the Export Range.
   7. Click Save.
   8. Navigate to the appropriate registry key:

Acrobat:
HKEY_LOCAL_MACHINESOFTWAREPoliciesAdobeAdobe Acrobat8.0FeatureLockDowncDefaultLaunchURLPerms

Reader:
HKEY_LOCAL_MACHINESOFTWAREPoliciesAdobeAcrobat Reader8.0FeatureLockDowncDefaultLaunchURLPerms

   9. If tSchemePerms is set as follows:
      version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-itss:3|its:3|mk:3|mhtml:3|help:3|
      disk:3|afp:3|disks:3|telnet:3|ssh:3|acrobat:2|mailto:2|file:2
  10. To Disable mailto (recommended)
      Modify tSchemePerms by setting the mailto: value to 3:
      version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-itss:3|its:3|mk:3|mhtml:3|help:3|
      disk:3|afp:3|disks:3|telnet:3|ssh:3|acrobat:2|mailto:3|file:2
  11. To set mailto to prompt
      Modify tSchemePerms by removing the mailto: value:
      version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-itss:3|its:3|mk:3|mhtml:3|help:3|
      disk:3|afp:3|disks:3|telnet:3|ssh:3|acrobat:2|file:2
  12. Close RegEdit.
  13. Restart the application.

For users who are unable to implement the above workaround, the Secure Software Engineering team is working with the Adobe Reader Engineering team on an update to versions 8.1 of Adobe Reader and Acrobat that will resolve this issue. A security bulletin will be published on http://www.adobe.com/support/security as soon as that update is available. We expect the update to be available before the end of October.
In the meantime, Adobe recommends that Acrobat and Reader customers use caution when receiving unsolicited e-mail communications requesting user action, such as opening attachments or clicking Web links.

All documented security vulnerabilities and their solutions are distributed through the Adobe security notification service. You can sign up for the service at the following URL: http://www.adobe.com/cfusion/entitlement/index.cfm?e=szalert.