Adobe Patches 11 Critical Bugs in Popular Acrobat PDF Reader
#1
Information 
Quote:Eleven critical bugs in Adobe’s popular and free PDF reader, Acrobat, open both Window and macOS users to attacks ranging from an adversary arbitrarily executing commands on a targeted system to data leakage tied to system-read and memory flaws.
 
In a Tuesday security bulletin, which included patches for all flaws, the company reported that Windows and macOS versions of Acrobat were equally vulnerable. Adobe added however that it was not aware of any abuse of the bugs in the wild.
 
The free Acrobat Reader 2020 and PDF-creation and editing software Acrobat 2020 were among the list of those programs with critical bugs patched. Adobe also patched Acrobat DC, Acrobat DC Reader, Acrobat Reader 2017 and Acrobat 2017. In all, Adobe patched 20 Acrobat bugs, with nine rated important.

Two of the most serious Acrobat vulnerabilities are use-after-free flaws (CVE-2021-28641, CVE-2021-28639) that, in a worst case scenario, allow an adversary to execute code arbitrarily on targeted systems or just create application crashes.
 
One of the more interesting critical bugs patched is a type of vulnerability called an “uncontrolled search path element” flaw (CVE-2021-28636). The vulnerability class also goes by the names DLL preloading, insecure library loading and dependency confusion. It’s unclear how the weakness was introduced to Adobe Acrobat. The security bulletin links to a generic description of the flaw which states:
 
“The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors… In some cases, the attack can be conducted remotely, such as when SMB or WebDAV network shares are used,” according to a MITRE description of the vulnerability type.

Read more: Adobe Patches 11 Critical Bugs in Popular Acrobat PDF Reader | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Messages In This Thread
Adobe Patches 11 Critical Bugs in Popular Acrobat PDF Reader - by silversurfer - 14 July 21, 11:59

Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Intel Graphics Driver 32.0.101.7088 / 10...
Homepage Download...harlan4096 — 10:05
Privazer 4.0.124.2
v4.0.124.2 (01 Jul...harlan4096 — 09:58
Google Chrome 150.0.7871.46/.47
Google Chrome 150....harlan4096 — 09:55
Kali Linux 2026.2 Released With 9 New To...
Offensive Security...harlan4096 — 08:28
INTEL Arc Graphics 32.0.101.8860 driver
INTEL Arc Graphics...harlan4096 — 08:19

[-]
Birthdays
Today's Birthdays
avatar (41)optsaZes
avatar (40)RaymondViata
Upcoming Birthdays
avatar (47)dapedDow
avatar (49)TromPerl
avatar (46)RidgeDimb
avatar (37)ipumaqar
avatar (51)tanliorsPeri
avatar (43)lapedDow
avatar (49)rituabew
avatar (37)omyjul
avatar (41)papedDow
avatar (50)ArnoldFum
avatar (38)yfaza
avatar (49)Kevensi
avatar (48)ConradRoand
avatar (39)boineDon
avatar (51)spoofTum
avatar (50)WillieVot
avatar (40)Grompelbawn
avatar (41)vkseogaF
avatar (37)usogy
avatar (40)ywixazok
avatar (38)ixoqe
avatar (56)Step 1
avatar (36)pa.OpenTran

[-]
Online Staff
harlan4096's profile harlan4096
Administrator

>