The bug, first reported late last week, has caused concern because it is easy to exploit and it is not expected to be patched by Adobe for several weeks. Symantec told Adobe about the flaw, which lies in the Acrobat and Reader software, on Feb. 12, but on Monday security vendor Sourcefire said that an analysis of its database of malicious software shows that attackers have actually been using the attack for more than six weeks.

Sourcefire has found samples dating back to Jan. 9, said Matt Watchinski, Sourcefire's senior director of vulnerability research.

To date, the bug has been used in small-scale attacks against specially targeted individuals. Symantec says it has tracked only 100 attacks, but attacks have been increasing as attack code that exploits the flaw has been made public. The bug affects both Mac and Windows users.

Sourcefire posted an analysis of the flaw on its Web site Monday, which a hacker named k`sOSe credited with helping him write a that exploits the bug.

"We're starting to see more exploit code show up," Andre DiMino, cofounder of The Shadowserver Foundation, the organization that the flaw last Thursday.