Adobe is urging its throngs of Acrobat Reader users to update their software to fix critical vulnerabilities that could allow adversaries to execute arbitrary code on unpatched versions. As for the Adobe Acrobat family of software, 26 bugs were patched, 13 of which were critical and given an Adobe priority rating of "2," meaning that the affected product is at "Elevated risk" of being attacked.
Eleven critical bugs in Adobe's popular and free PDF reader, Acrobat, open both Window and macOS users to attacks ranging from an adversary arbitrarily executing commands on a targeted system to data leakage tied to system-read and memory flaws. The free Acrobat Reader 2020 and PDF-creation and editing software Acrobat 2020 were among the list of those programs with critical bugs patched.
Adobe has issued multiple security advisories with patches for critical vulnerabilities in a wide range of software products, including the ever-present Adobe Acrobat and Reader application. The Mountain View, Calif.-based Adobe urged Windows and macOS users to treat the PDF Reader patch with the utmost priority, because the flaws expose machines to remote code execution and privilege escalation attacks.
A patch for Adobe Acrobat, the world's leading PDF reader, fixes a vulnerability under active attack affecting both Windows and macOS systems that could lead to arbitrary code execution. Adobe is warning customers of a critical zero-day bug actively exploited in the wild that affects its ubiquitous Adobe Acrobat PDF reader software.
Adobe on Tuesday informed customers that it has patched over a dozen vulnerabilities in its Acrobat products, including critical flaws that can be exploited for arbitrary code execution. The company says it has fixed a total of 14 security holes in the Windows and macOS versions of Acrobat DC, Acrobat Reader DC, Acrobat 2020, Acrobat Reader 2020, Acrobat 2017, and Acrobat Reader 2017.
Adobe has fixed critical-severity flaws tied to four CVEs in the Windows and macOS versions of its Acrobat and Reader family of application software services. These critical flaws include a heap-based buffer overflow, out-of-bounds write glitch and two use-after free flaws.
Adobe has released security updates to address critical severity vulnerabilities affecting Adobe Acrobat and Reader for Windows and macOS that could enable attackers to execute arbitrary code on vulnerable devices. Adobe categorized the security updates as priority 2 updates which means that they address vulnerabilities with no public exploits in products that have "Historically been at elevated risk."
Adobe has plugged 11 critical security holes in Acrobat and Reader, which if exploited could allow attackers to remotely execute code or sidestep security features in the app. As part of its regularly scheduled security updates, Tuesday, Adobe fixed critical- and important-severity flaws tied to 26 CVEs - all stemming from its popular Acrobat and Reader document-management application - as well as one important-severity CVE in Adobe Lightroom, which is its image manipulation software.
Adobe on Tuesday informed customers that it has patched 26 vulnerabilities in its Acrobat and Reader products, including 11 critical flaws that can be exploited to bypass security features and for arbitrary code execution. The remaining two critical vulnerabilities can allow an attacker to bypass security features.
Adobe this week announced that it has introduced a protected mode in Adobe Acrobat DC for Windows. The Protected Mode in Acrobat DC is aimed at ensuring addition layers of security are available for users, thus improving the protection of desktop environments from potentially malicious code.