The vulnerability in Adobe Acrobat and Reader discovered earlier week is being used to install malware onto enterprise machines.
The malware, Sykipot Trojan, has been used to exploit previous Adobe vulnerabilities.
Researcher Brandon Dixon wrote on security blog 9b+ that the exploit crashed his open Adobe programme and instead opened up a new file. It was this file that pointed to an attack on a large US defence contractor.
"Using Adobe Reader 9.4.6, the PDF was executed resulting in a crash and opening of a new document. This new document is a survey geared towards defense contractor ManTech," wrote Dixon.
The malware then attempts to make several registry changes and contacts an external URL. It is then likely to download further malicious code and assume control of the machine.
There has also been speculation this week that UK defence contractor Lockheed Martin had fallen foul of the vulnerability, as it was thanked by Adobe for notifying it of the breach.
However, the firm has since denied it has suffered any breach.
"We did not experience a cyber breach or intrusion resulting from the Adobe Reader vulnerability, and our information systems remain secure," a spokesperson told Computing.
He added that the breach was discovered by the firm's new Security Intelligence Centre, based in Farnborough, UK.
"Our advanced cyber analysis and intelligence team at the Lockheed Martin Security Intelligence Center routinely identifies and blocks malware attempting to exploit vulnerabilities in software applications such as Adobe Reader and, as is our standard practice, we report any findings to the developer.
"In this case, Adobe recognised us for identifying this vulnerability."
Does Google know too much about you?
The trend towards non-desktop-based devices is enabling more flexible working practices and behaviours
Date: 29 May 2013
THIS EVENT HAS BEEN POSTPONED DUE TO ILLNESS. Business intelligence is enjoying an upsurge of interest. In an era in which businesses and organisations...
Date: 11 Jun 2013
The enterprise mobility summit will examine how organisations can manage the increasing array of endpoints which are enabling mobile computing in business....