Security News > 2021 > February > Adobe fixes critical Reader vulnerability exploited in the wild
Adobe has released security updates that address an actively exploited vulnerability in Adobe Reader and other critical bugs in Adobe Acrobat, Magento, Photoshop, Animate, Illustrator, and Dreamweaver.
In total, the company addressed fifty security vulnerabilities affecting seven products, with many of them rated as critical as they allow local arbitrary code execution.
The Adobe Reader bug known to be actively exploited in the wild is tracked as CVE-2021-21017.
Adobe advises customers using vulnerable products to update to the latest versions as soon as possible to block attacks that could lead to successful exploitation of unpatched installations.
The full update installers can be downloaded from Adobe's Download Center.
Let the products update automatically, without requiring user intervention, when updates are detected.
News URL
Related news
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems (source)
- New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution (source)
- Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware (source)
- Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk (source)
- Fortinet releases patches for undisclosed critical FortiManager vulnerability (source)
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)
- FortiManager critical vulnerability under active attack (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-11 | CVE-2021-21017 | Out-of-bounds Write vulnerability in Adobe products Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. | 8.8 |