Security News > 2021 > February > Adobe Patches Reader Vulnerability Exploited in the Wild

Adobe Patches Reader Vulnerability Exploited in the Wild
2021-02-09 18:29

Adobe on Tuesday announced the availability of patches for 50 vulnerabilities across six of its products, including a zero-day vulnerability in Reader that has been exploited in the wild.

The exploited vulnerability is tracked as CVE-2021-21017 and it was reported to Adobe anonymously.

The software giant said it received a report that the flaw has been "Exploited in the wild in limited attacks targeting Adobe Reader users on Windows."

The last time Adobe patched an actively exploited zero-day vulnerability in Reader was in 2018.

In Photoshop, Adobe patched five critical memory corruption issues that can lead to arbitrary code execution, and in Animate the company resolved one such vulnerability.

Adobe says it's not aware of any attacks exploiting the vulnerabilities in Magento, Photoshop, Animate, Illustrator and Dreamweaver, and, based on the assigned priority ratings, it does not expect them to be targeted.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/ZX1kbziCfhU/adobe-patches-reader-vulnerability-exploited-wild

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-02-11 CVE-2021-21017 Out-of-bounds Write vulnerability in Adobe products
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability.
network
low complexity
adobe CWE-787
8.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Adobe 112 77 1333 1988 640 4038