Security News > 2021 > February > Adobe Patches Reader Vulnerability Exploited in the Wild
Adobe on Tuesday announced the availability of patches for 50 vulnerabilities across six of its products, including a zero-day vulnerability in Reader that has been exploited in the wild.
The exploited vulnerability is tracked as CVE-2021-21017 and it was reported to Adobe anonymously.
The software giant said it received a report that the flaw has been "Exploited in the wild in limited attacks targeting Adobe Reader users on Windows."
The last time Adobe patched an actively exploited zero-day vulnerability in Reader was in 2018.
In Photoshop, Adobe patched five critical memory corruption issues that can lead to arbitrary code execution, and in Animate the company resolved one such vulnerability.
Adobe says it's not aware of any attacks exploiting the vulnerabilities in Magento, Photoshop, Animate, Illustrator and Dreamweaver, and, based on the assigned priority ratings, it does not expect them to be targeted.
News URL
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-11 | CVE-2021-21017 | Out-of-bounds Write vulnerability in Adobe products Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. | 8.8 |