Yes, it happened. Hackers finally found an exploit in PDF files. Remember a while back when I said it would happen? They will look for an exploit and then hit them again. Well, that started today. In the past 24 hours Adobe has released a security fix (which almost no one has), and we have seen over 12,000 new PDF spam mails! That's right, 12,000 PDF spams in less than 24 hours after the exploit was announced by Adobe.
Read the Attack of the PDFs blog entry over at ZDNet.
Symantec and a few others have already updated their virus definitions. But how many IT departments regularly go to the Adobe site and patch? I doubt very many do. I know several companies still running Acrobat version 6 or later because it works for their needs, and the upgrade prices are very high for very little improvement to a typical users "build a PDF" workflow.
So, expect a lot of new PDF spam emails coming your way again... sigh.