Security News > 2021 > May > Hackers Leverage Adobe Zero-Day Bug Impacting Acrobat Reader
A patch for Adobe Acrobat, the world's leading PDF reader, fixes a vulnerability under active attack affecting both Windows and macOS systems that could lead to arbitrary code execution.
Adobe is warning customers of a critical zero-day bug actively exploited in the wild that affects its ubiquitous Adobe Acrobat PDF reader software.
According to Adobe, the zero-day vulnerability, which is tracked as CVE-2021-28550, "Has been exploited in the wild in limited attacks targeting Adobe Reader users on Windows."
Windows users of Adobe Reader may be the only ones currently targeted.
In all, Adobe Acrobat received 10 critical and four important vulnerability patches.
Adobe Illustrator received the next highest number of patches on Tuesday, with five critical code execution vulnerabilities fixed.
News URL
https://threatpost.com/adobe-zero-day-bug-acrobat-reader/166044/
Related news
- Lazarus hackers exploited Windows zero-day to gain Kernel privileges (source)
- Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks (source)
- Hackers earn $1,132,500 for 29 zero-days at Pwn2Own Vancouver (source)
- From PDFs to Payload: Bogus Adobe Acrobat Reader Installers Distribute Byakugan Malware (source)
- Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-02 | CVE-2021-28550 | Use After Free vulnerability in Adobe products Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. | 8.8 |