Security Brief: Adobe Reader

Adobe Reader Zero-Day Exploit

We have just become aware of a recent zero-day exploit associated with Adobe Reader; this zero-day has been exploited in the wild to compromise end-user machines.

Priority:

This recent exploit (CVE-2021-28550) should be considered critical in terms of establishing a remediation plan.  It is recommended that if you have an affected model that you remediate within 24-48 hours via an emergency change. Other critical vulnerabilities need to be addressed as well (see below).

Affected Versions:

The following are all the versions that are affected with this recent zero day:

• Windows Acrobat DC & Reader DC (versions 2021.001.20150 and earlier)
• macOS Acrobat DC & Reader DC (versions 2021.001.20149 and earlier)
• Windows & macOS Acrobat 2020 & Acrobat Reader 2020 (2020.001.30020 and earlier versions)
• Windows & macOS Acrobat 2017 & Acrobat Reader 2017 (2017.011.30194 and earlier versions)

The Vulnerability:

This zero-day leverages a use-after-free memory corruption flaw that affects Adobe Reader for Windows that has been exploited in the wild in limited attacks.

The Remediation:

Patch the appliance to the most current release of the software (2021.001.20155)

• The latest product versions are available to end users via one of the following methods:    
  • Users can update their product installations manually by choosing Help > Check for Updates.
  • The products will update automatically, without requiring user intervention, when updates are detected.
  • The full Acrobat Reader installer can be downloaded from the Acrobat Reader Download Center.
• For IT administrators (managed environments):     
  • Refer to the specific release note version for links to installers.
  • Install updates via your preferred methodology, such as AIP-GPO, bootstrapper, SCUP/SCCM (Windows), or on macOS, Apple Remote Desktop and SSH.

Reference:

https://helpx.adobe.com/security/products/acrobat/apsb21-29.html