As Symantec reported in February, crooks have hit the flaw with small-scale attacks that e-mail PDF attachments to specific targets. Adobe says a patch should be ready for version 9 of both programs by the time you read this, with fixes for earlier versions to follow. Read .
Word Docs Target IE 7
Bad guys went after a bug in Internet Explorer 7 a week after Microsoft distributed a fix. Those attacks employed a malicious Word document, but the has warned that crooks could also add hidden code to a hijacked Web site to create a drive-by download attack. You can install the patch for this browser flaw via Automatic Updates, or .
The same patch batch from Microsoft addresses a ; an attack through this hole can be triggered if you open a hacked Visio file.
Meanwhile, Mozilla fixed six security holes in its Firefox browser, one of which was deemed critical. Firefox version 3.0.6 and later has the fixes; click Help, Check for Updates to make sure that you have the latest version. The same critical flaw can hit the Thunderbird e-mail program if JavaScript is enabled for e-mail (it's disabled by default, and discouraged by Mozilla). Version 2.0.0.21 closes the hole.