While users may have patched (or the unaware have already been patched by automatic updates), newly installed computers or those that do not have any PDF readers installed are still potentially vulnerable. This is because the binary available for download off Adobe's website is still the unpatched version.
As seen from the screenshot above, the version available for download is 9.1. While the latest updates that patch the zero-day exploit is 9.1.2.
If you do not install Adobe's Acrobat Reader you are in better shape than others. But to the common non-IT people, the default PDF application that installs is Acrobat. And installing the unpatched version poses a threat to the unwilling innocent victim.
So if you happen to have version 9.1 or the older 8.1.4 or 7.1.1 it is time to click that update button and save yourself from the threat.
Having the update/patch available is good. But making the available downloadable binary the patched version is the better scenario. It should not be that hard to do for a company like Adobe.
