Adobe announced they received two malicious utilities signed by a valid Adobe code-signing certificate. The code-signing certificate was compromised though an attack on their code-signing system.
The code-signing certificate will be revoked on October 4, 2012, and will impact all code being signed after July 12, 2012. A supporting security advisory has been issued.
The compromise of the code-signing certificate does not impact Adobe Certified Document Services (CDS) or any root certificate in the CDS system. As such, there is no impact to customers who have purchased CDS signing certificates.