Hackers Leverage Adobe Zero-Day Bug Impacting Acrobat Reader – Threatpost

Share this article:
A patch for Adobe Acrobat, the world’s leading PDF reader, fixes a vulnerability under active attack affecting both Windows and macOS systems that could lead to arbitrary code execution.
Adobe is warning customers of a critical zero-day bug actively exploited in the wild that affects its ubiquitous Adobe Acrobat PDF reader software. A patch is available, as part of the company’s Tuesday roundup of 43 fixes for 12 of its products, including Adobe Creative Cloud Desktop Application, Illustrator, InDesign, and Magento.
Join Threatpost for “Fortifying Your Business Against Ransomware, DDoS & Cryptojacking Attacks” a LIVE roundtable event on Wednesday, May 12 at 2:00 PM EDT for this FREE webinar sponsored by Zoho ManageEngine.
According to Adobe, the zero-day vulnerability, which is tracked as CVE-2021-28550, “has been exploited in the wild in limited attacks targeting Adobe Reader users on Windows.”
Windows users of Adobe Reader may be the only ones currently targeted. However, the bug affects eight versions of the software, including those running on Windows and macOS systems. Versions include:
Adobe did not release technical specifics regarding the zero-day vulnerability. Typically, those details become available after users have had an opportunity to apply the fix. “Users can update their product installations manually by choosing Help > Check for Updates,” Adobe wrote in its May security bulletin, posted Tuesday.
Also part of Tuesday’s roundup of 43 fixes are several other bugs rated critical. In all, Adobe Acrobat received 10 critical and four important vulnerability patches. Seven out of those bugs included arbitrary code execution bugs. Three (CVE-2021-21044, CVE-2021-21038, CVE-2021-21086) of the vulnerabilities patched on Tuesday open systems up to out-of-bounds write attacks.
Adobe Illustrator received the next highest number of patches on Tuesday, with five critical code execution vulnerabilities fixed. According to Adobe’s description of the flaws, three (CVE-2021-21103, CVE-2021-21104, CVE-2021-21105) are memory corruption bugs that open systems up to hackers, triggering arbitrary code execution on targeted systems. Kushal Arvind Shah, a bug hunter with Fortinet’s FortiGuard Labs, is credited for the three memory corruption bugs.
Additional Adobe products receiving patches included Adobe Animate, Adobe Medium, Adobe After Effects, Adobe Media Encoder, Adobe Genuine Service, Adobe InCopy and Adobe Genuine Service.
Download our exclusive FREE Threatpost Insider eBook, “2021: The Evolution of Ransomware,” to help hone your cyber-defense strategies against this growing scourge. We go beyond the status quo to uncover what’s next for ransomware and the related emerging risks. Get the whole story and DOWNLOAD the eBook now – on us!
Share this article:
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
The First Stop For Security News
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.

source