Adobe released its monthly security update that addressed several vulnerabilities in its products, including a zero-day vulnerability impacting its Acrobat Reader products for Windows systems that is reported to be actively exploited in the wild. Successful exploitation of the flaw could allow attackers to arbitrary code execution.
A. Nature of the Vulnerability
Description of the vulnerability:
- CVE-2021-28550, a remote code execution vulnerability that could allow threat actors to execute almost any command in affected Adobe products, including installing malware and completely taking over the affected computer.
B. List of Vulnerable Systems
The following platforms and software are impacted by the vulnerable driver:
- Adobe Acrobat DC – version 2021.001.20150 and earlier
- Adobe Reader DC – version 2021.001.20150 and earlier
- Acrobat 2020 – version 2020.001.30020 and earlier
- Acrobat Reader 2020 – version 2020.001.30020 and earlier
- Acrobat 2017 – version 2017.011.30194 and earlier
- Acrobat Reader 2017 – version 2017.011.30194 and earlier
C. Actions to be Taken
CERT-PH recommends the following actions be taken:
- Adobe Reader users are urged to check and update their application to the latest version published by Adobe:
- Users can check for any updates and latest version of Acrobat Reader via Help > Check for Updates.
- Users who enabled automatic updates do not need any additional actions, as it downloads the latest update provided by Adobe.
- For managed environments, administrators can install the updates through different methodologies, such as AIP-GPO, bootstrapper, SCUP/SCCM (Windows) and SSH.
- For more details with regards to the monthly security update of Adobe, visit the Adobe’s published security advisories and implement tests and patches for the corresponding updated versions of the affected Adobe products. (https://helpx.adobe.com/security/products/acrobat/apsb21-29.html)