Security News > 2021 > May > Hackers Leverage Adobe Zero-Day Bug Impacting Acrobat Reader

Hackers Leverage Adobe Zero-Day Bug Impacting Acrobat Reader
2021-05-11 18:38

A patch for Adobe Acrobat, the world's leading PDF reader, fixes a vulnerability under active attack affecting both Windows and macOS systems that could lead to arbitrary code execution.

Adobe is warning customers of a critical zero-day bug actively exploited in the wild that affects its ubiquitous Adobe Acrobat PDF reader software.

According to Adobe, the zero-day vulnerability, which is tracked as CVE-2021-28550, "Has been exploited in the wild in limited attacks targeting Adobe Reader users on Windows."

Windows users of Adobe Reader may be the only ones currently targeted.

In all, Adobe Acrobat received 10 critical and four important vulnerability patches.

Adobe Illustrator received the next highest number of patches on Tuesday, with five critical code execution vulnerabilities fixed.


News URL

https://threatpost.com/adobe-zero-day-bug-acrobat-reader/166044/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-09-02 CVE-2021-28550 Use After Free vulnerability in Adobe products
Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability.
network
low complexity
adobe CWE-416
8.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Adobe 166 68 2143 934 2114 5259