Security News > 2021 > May > Hackers Leverage Adobe Zero-Day Bug Impacting Acrobat Reader
A patch for Adobe Acrobat, the world's leading PDF reader, fixes a vulnerability under active attack affecting both Windows and macOS systems that could lead to arbitrary code execution.
Adobe is warning customers of a critical zero-day bug actively exploited in the wild that affects its ubiquitous Adobe Acrobat PDF reader software.
According to Adobe, the zero-day vulnerability, which is tracked as CVE-2021-28550, "Has been exploited in the wild in limited attacks targeting Adobe Reader users on Windows."
Windows users of Adobe Reader may be the only ones currently targeted.
In all, Adobe Acrobat received 10 critical and four important vulnerability patches.
Adobe Illustrator received the next highest number of patches on Tuesday, with five critical code execution vulnerabilities fixed.
News URL
https://threatpost.com/adobe-zero-day-bug-acrobat-reader/166044/
Related news
- U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls (source)
- Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet (source)
- Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025 (source)
- Hackers get $886,250 for 49 zero-days at Pwn2Own Automotive 2025 (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-02 | CVE-2021-28550 | Unspecified vulnerability in Adobe products Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. | 8.8 |