Adobe fixed actively exploited zero-day in Acrobat and Reader
September 12, 2023
Software giant Adobe is warning of a critical security vulnerability in the PDF Acrobat and Reader that is actively exploited in the wild.
Adobe Patch Tuesday security updates (APSB23-34) addressed a critical zero-day vulnerability actively exploited in the wild in attacks on Adobe Acrobat and Reader products.
The vulnerability, tracked as CVE-2023-26369, is an out-of-bounds write memory safety issue that can be exploited to execute arbitrary code on vulnerable installs.
“Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses a critical vulnerability. Successful exploitation could lead to arbitrary code execution .” reads the advisory,
“Adobe is aware that CVE-2023-26369 has been exploited in the wild in limited attacks targeting Adobe Acrobat and Reader.”
The vulnerability affects both Windows and macOS installations. Below is the list of affected versions:
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, zero-day)