The Adobe Flash Player flaw, which is currently unpatched, affects millions of Windows XP and Windows Vista users. Adobe has acknowledged a potential vulnerability but, inexplicably, has not seen it fit to warn of the zero-day attacks or issue pre-patch mitigation guidance to tens of millions of its customers. The attacks take advantage of a feature available in Adobe Acrobat: embedded Adobe flash objects in PDF documents. The authors of the exploit have managed to take a bug and turn it into a reliable exploit using a heap spray technique.
Source: https://threatpost.com/adobe-flash-attacks-underway-harden-pdf-reader-immediately-072209/72884/