Adobe has urgently alerted users of its Acrobat and Acrobat Reader PDF tools about a recent critical zero-day vulnerability discovery.
The tech giant has rolled out a security update for both Windows and macOS users and strongly recommends immediate patch applications to minimize potential attack risks.
Adobe commented on the situation, stating, “We’ve identified that CVE-2023-26369 is being exploited in a few targeted attacks against Adobe Acrobat and Reader.” While specifics surrounding the vulnerability are limited due to its recent detection, the company did verify that successful misuse could result in arbitrary code running.
Versions of Acrobat DC and Acrobat Reader DC, specifically 23.003.20284 and prior, are susceptible. Similarly, 2020 versions of the software with builds 20.005.30516 (macOS) and 20.005.30514 (Windows) or earlier are also affected.
Adobe’s new updates for its PDF tools, which were released on September 12, not only address multiple security concerns but also bring in several new features and improvements. Users can now adjust quick tools, utilize the revamped undo and redo functions in the top menu, and enjoy enhanced drag-and-drop capabilities for merging files.
Additionally, the San Jose-headquartered firm released more updates spanning its product spectrum, including the Adobe Connect and Adobe Experience Manager applications. These updates address vulnerabilities that permitted attackers to execute arbitrary codes on devices that hadn’t been patched.
While finding vulnerabilities in Adobe’s products isn’t necessarily surprising, it’s not cause for panic either. Regularly, companies launch security patches to address and fortify against these weaknesses, ensuring user protection. Adobe’s prompt response in this situation is commendable.
Regardless of whether it’s Adobe or another company, all digital service users should stay vigilant regarding software and firmware updates, making sure to install them promptly.