Security Brief: Adobe Reader

Adobe Reader Zero-Day Exploit

We have just become aware of a recent zero-day exploit associated with Adobe Reader; this zero-day has been exploited in the wild to compromise end-user machines.

Priority:

This recent exploit (CVE-2021-28550) should be treated as critical when establishing a remediation plan. If you have an affected version, remediate within 24-48 hours via an emergency change. The other critical vulnerabilities fixed in the same bulletin need to be addressed as well (see below).

Vulnerability Category          | Vulnerability Impact       | Severity  | CVE Number
--------------------------------+----------------------------+-----------+---------------------------------------------------------------
Buffer Overflow                 | Arbitrary code execution   | Important | CVE-2021-28561
Heap-based Buffer Overflow      | Arbitrary code execution   | Critical  | CVE-2021-28560
Heap-based Buffer Overflow      | Arbitrary code execution   | Important | CVE-2021-28558
Out-of-bounds Read              | Memory leak                | Critical  | CVE-2021-28557
Out-of-bounds Read              | Arbitrary file system read | Important | CVE-2021-28555
Out-of-bounds Read              | Arbitrary code execution   | Critical  | CVE-2021-28565
Out-of-bounds Write             | Arbitrary code execution   | Critical  | CVE-2021-28564, CVE-2021-21044, CVE-2021-21038, CVE-2021-21086
Exposure of Private Information | Privilege escalation       | Important | CVE-2021-28559
Use After Free                  | Arbitrary code execution   | Critical  | CVE-2021-28562, CVE-2021-28550, CVE-2021-28553

Affected Versions:

The following versions are affected by this recent zero-day:

  • Windows Acrobat DC & Reader DC (versions 2021.001.20150 and earlier)
  • macOS Acrobat DC & Reader DC (versions 2021.001.20149 and earlier)
  • Windows & macOS Acrobat 2020 & Acrobat Reader 2020 (2020.001.30020 and earlier versions)
  • Windows & macOS Acrobat 2017 & Acrobat Reader 2017 (2017.011.30194 and earlier versions)

The Vulnerability:

This zero-day leverages a use-after-free memory corruption flaw in Adobe Reader for Windows; it has been exploited in the wild in limited attacks.

The Remediation:

Patch affected installations to the most current release of the software (2021.001.20155 for Acrobat DC and Acrobat Reader DC on the Continuous track; the Classic 2020 and Classic 2017 tracks have their own updated versions, listed below).

  • The latest product versions are available to end users via one of the following methods:
    • Users can update their product installations manually by choosing Help > Check for Updates.
    • The products will update automatically, without requiring user intervention, when updates are detected.
    • The full Acrobat Reader installer can be downloaded from the Acrobat Reader Download Center.
  • For IT administrators (managed environments):
    • Refer to the specific release note version for links to installers.
    • Install updates via your preferred methodology, such as AIP-GPO, bootstrapper, SCUP/SCCM (Windows), or on macOS, Apple Remote Desktop and SSH.

Product             | Track        | Updated Versions | Platform          | Priority Rating | Availability
--------------------+--------------+------------------+-------------------+-----------------+-------------
Acrobat DC          | Continuous   | 2021.001.20155   | Windows and macOS | 1               |
Acrobat Reader DC   | Continuous   | 2021.001.20155   | Windows and macOS | 1               |
Acrobat 2020        | Classic 2020 | 2020.001.30025   | Windows and macOS | 1               |
Acrobat Reader 2020 | Classic 2020 | 2020.001.30025   | Windows and macOS | 1               |
Acrobat 2017        | Classic 2017 | 2017.011.30196   | Windows and macOS | 1               |
Acrobat Reader 2017 | Classic 2017 | 2017.011.30196   | Windows and macOS | 1               |
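As an added example (not part of the Adobe bulletin or of this brief), the following Python triages a software inventory export against the updated versions for each release track and lists the hosts that still need the emergency change. The inventory format, host names and installed builds are constructed for illustration; only the fixed versions come from the bulletin.

```python
# Added example: triage an inventory export against the fixed Acrobat/Reader
# builds for each release track. Not part of the Adobe bulletin.
from typing import List, Tuple

# Updated (fixed) versions per track, taken from the bulletin table above.
FIXED_VERSIONS = {
    "Continuous": "2021.001.20155",
    "Classic 2020": "2020.001.30025",
    "Classic 2017": "2017.011.30196",
}

# Constructed sample inventory: host, product, track, installed version.
# Host names and installed builds are made up for this example.
SAMPLE_INVENTORY = """\
ws-101,Acrobat Reader DC,Continuous,2021.001.20150
ws-102,Acrobat Reader DC,Continuous,2021.001.20155
ws-103,Acrobat 2020,Classic 2020,2020.001.30020
ws-104,Acrobat Reader 2017,Classic 2017,2017.011.30196
ws-105,Acrobat DC,Continuous,2021.001.20135
"""


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '2021.001.20150' into (2021, 1, 20150) so builds compare numerically."""
    return tuple(int(part) for part in version.strip().split("."))


def is_vulnerable(track: str, installed: str) -> bool:
    """True when the installed build is older than the fixed build for its track."""
    return parse_version(installed) < parse_version(FIXED_VERSIONS[track])


def triage(inventory_csv: str) -> List[Tuple[str, str, str, str]]:
    """Return (host, product, installed, required) for every host needing the update."""
    to_patch = []
    for line in inventory_csv.splitlines():
        if not line.strip():
            continue
        host, product, track, installed = (f.strip() for f in line.split(","))
        if track not in FIXED_VERSIONS:
            raise ValueError(f"{host}: unknown release track {track!r}")
        if is_vulnerable(track, installed):
            to_patch.append((host, product, installed, FIXED_VERSIONS[track]))
    return to_patch


if __name__ == "__main__":
    for host, product, installed, required in triage(SAMPLE_INVENTORY):
        print(f"{host}: {product} {installed} -> update to {required}")
```

Feed it the real export from your inventory tool (SCCM, Jamf, or similar) in the same four-column shape to produce the host list for the emergency change.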

Reference:

https://helpx.adobe.com/security/products/acrobat/apsb21-29.html