Security News > 2021 > May > Hackers Leverage Adobe Zero-Day Bug Impacting Acrobat Reader
A patch for Adobe Acrobat, the world's leading PDF reader, fixes a vulnerability under active attack affecting both Windows and macOS systems that could lead to arbitrary code execution.
Adobe is warning customers of a critical zero-day bug actively exploited in the wild that affects its ubiquitous Adobe Acrobat PDF reader software.
According to Adobe, the zero-day vulnerability, which is tracked as CVE-2021-28550, "Has been exploited in the wild in limited attacks targeting Adobe Reader users on Windows."
Windows users of Adobe Reader may be the only ones currently targeted.
In all, Adobe Acrobat received 10 critical and four important vulnerability patches.
Adobe Illustrator received the next highest number of patches on Tuesday, with five critical code execution vulnerabilities fixed.
News URL
https://threatpost.com/adobe-zero-day-bug-acrobat-reader/166044/
Related news
- Adobe fixes Acrobat Reader zero-day with public PoC exploit (source)
- Adobe fixed Acrobat bug, neglected to mention whole zero-day exploit thing (source)
- Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Over 70 zero-day flaws get hackers $1 million at Pwn2Own Ireland (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-02 | CVE-2021-28550 | Use After Free vulnerability in Adobe products Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. | 8.8 |