Security News > 2021 > May > Hackers Leverage Adobe Zero-Day Bug Impacting Acrobat Reader
A patch for Adobe Acrobat, the world's leading PDF reader, fixes a vulnerability under active attack affecting both Windows and macOS systems that could lead to arbitrary code execution.
Adobe is warning customers of a critical zero-day bug actively exploited in the wild that affects its ubiquitous Adobe Acrobat PDF reader software.
According to Adobe, the zero-day vulnerability, which is tracked as CVE-2021-28550, "Has been exploited in the wild in limited attacks targeting Adobe Reader users on Windows."
Windows users of Adobe Reader may be the only ones currently targeted.
In all, Adobe Acrobat received 10 critical and four important vulnerability patches.
Adobe Illustrator received the next highest number of patches on Tuesday, with five critical code execution vulnerabilities fixed.
News URL
https://threatpost.com/adobe-zero-day-bug-acrobat-reader/166044/
Related news
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor (source)
- Firefox and Windows zero-days exploited by Russian RomCom hackers (source)
- U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-02 | CVE-2021-28550 | Unspecified vulnerability in Adobe products Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. | 8.8 |