Adobe patch for Acrobat, Reader zero day due Friday

Busy Friday for defence admins.

Adobe will release a patch on Friday for the zero-day Reader and Acrobat flaw that attackers were using against defence contractors' Windows systems.

"We are in the process of finalising a fix for the issue and expect to make available an update for Adobe Reader and Acrobat 9.x for Windows on December 16, 2011," Adobe said in an update late Thursday.

Adobe publicly disclosed the flaw late last week after the computer emergency response team of US defense contractor Lockheed Martin warned it of the problem.

Symantec has confirmed the attacks were primarily directed at US and UK organisations that included defence contractors, government agencies and other infrastructure providers.

The attackers used a relatively unsophisticated Trojan that Symantec labels Sykipot, but its researchers claimed the group behind it was funded well enough to maintain a sustained campaign against organisations that held valuable intellectual property.

"While the back door Trojan itself isn’t very sophisticated or well-coded, the attackers are skilled enough to have discovered multiple zero-day vulnerabilities."

It also noted that the Trojan "contained Chinese language error messages that appear to correspond to a tool used to package the threat".

The flaw affects newer versions of Adobe's Reader and Acrobat software; however, due to in-built anti-exploitation protections, a patch for these will be released in Adobe's normal patch cycle during January.
