Defence contractor Lockheed Martin has said it detected a previously unknown vulnerability in Adobe Reader software.
However despite the vulnerability, the Pentagon supplier said that Adobe's information systems were never breached.
Adobe credited Lockheed and other companies in the Defense Security Information Exchange with finding the critical vulnerability, and said it was working on a fix for the problem to be released next week.
Adobe spokeswoman Wiebke Lips said it had received reports that the vulnerability "is being actively exploited in the wild in limited, targeted attacks specifically against Adobe Reader 9.4.6 on Windows," but declined to give any details.
Lockheed spokeswoman Jennifer Whitlow said the problem was identified through the company's normal monitoring activities, and officials immediately notified Adobe.
She said Lockheed, which reported in May that it had been the target of a "significant and tenacious" cyber attack, had not been penetrated in the attempted attack.
"Our systems blocked any access by the adversary and Lockheed Martin information systems remain secure," Whitlow said.
The Adobe "zero-day" vulnerability found by Lockheed is the latest in a series of attacks targeting U.S. defence contractors that are growing increasingly frequent and sophisticated.