Vulnerability in Adobe Acrobat and Reader being actively exploited


2:00pm, 12 May 2021

TLP Rating: Clear

Adobe has released a patch to fix critical vulnerabilities in Adobe Acrobat and Adobe Reader. CVE-2021-28550, a use-after-free vulnerability that allows arbitrary code execution, has been actively exploited. This vulnerability can be exploited by opening a specially crafted PDF file in a vulnerable version of Adobe Acrobat or Adobe Reader.

CERT NZ recommends that all users of these programs update Adobe Acrobat and Adobe Reader immediately.

What's happening

Systems affected

The following software versions are affected.

  • 2021.001.20150 and earlier for Acrobat DC & Acrobat Reader DC
  • 2020.001.30020 and earlier for Acrobat 2020 & Acrobat Reader 2020
  • 2017.011.30194 and earlier for Acrobat 2017 & Acrobat Reader 2017

What this means

If a user opens a maliciously crafted PDF file with an affected version, an attacker can execute arbitrary code on the device.

What to look for

How to tell if you're at risk

You are at risk if you use Adobe Acrobat or Adobe Reader and have not yet updated to the latest version.

What to do

Prevention

CERT NZ recommends you apply the latest software updates to Adobe Acrobat and Adobe Reader.

The following software versions have been patched.

  • 2021.001.20155 and later for Acrobat DC & Acrobat Reader DC
  • 2020.001.30025 and later for Acrobat 2020 & Acrobat Reader 2020
  • 2017.011.30196 and later for Acrobat 2017 & Acrobat Reader 2017

For further information on how to update the software, please see Adobe’s APSB21-29 Security Bulletin (see link below).
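
To check a software inventory against the patched versions listed above, the following added example (not part of the CERT NZ advisory or Adobe's bulletin) classifies each installation. The track labels "DC", "2020" and "2017", the `host,track,version` inventory layout and the hostnames are assumptions made for illustration.

```python
import re

# Minimum patched version per product track, taken from the advisory above.
# The keys "DC", "2020" and "2017" are shorthand labels chosen for this example.
PATCHED = {
    "DC": (2021, 1, 20155),
    "2020": (2020, 1, 30025),
    "2017": (2017, 11, 30196),
}
VERSION_RE = re.compile(r"^(\d{4})\.(\d{3})\.(\d{5})$")

def parse_version(text):
    """Turn '2021.001.20150' into (2021, 1, 20150); raise ValueError otherwise."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.groups())

def assess(track, version):
    """Return 'patched', 'vulnerable' or 'unknown' for one installation."""
    minimum = PATCHED.get(track)
    if minimum is None:
        return "unknown"  # product track not covered by this advisory
    try:
        installed = parse_version(version)
    except ValueError:
        return "unknown"  # do not guess; flag for manual review
    # Conservative choice: anything below the patched build counts as vulnerable.
    return "patched" if installed >= minimum else "vulnerable"

def triage(inventory_csv):
    """Map each 'host,track,version' line to a (host, status) pair."""
    results = []
    for line in inventory_csv.strip().splitlines():
        host, track, version = (field.strip() for field in line.split(","))
        results.append((host, assess(track, version)))
    return results

# Constructed sample inventory; hostnames are hypothetical.
SAMPLE = """
ws-001,DC,2021.001.20150
ws-002,DC,2021.001.20155
ws-003,2020,2020.001.30020
ws-004,2017,2017.011.30196
ws-005,2017,17.11.30194
"""

if __name__ == "__main__":
    for host, status in triage(SAMPLE):
        print(f"{host}: {status}")
```

Entries reported as "unknown" have a version string in a different format from the one used in this advisory and need to be checked by hand.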

More information

Adobe’s Security Bulletin APSB21-29

If you require more information or further support, submit a report on our website or contact us on 0800 CERTNZ.

Report an incident to CERT NZ

For media enquiries, email our media desk at certmedia@cert.govt.nz or call 021 854 384.