Adobe Reader Zero-Day Exploit
We have just become aware of a recent zero-day exploit associated with Adobe Reader; this zero-day has been exploited in the wild to compromise end-user machines.
Priority:
This recent exploit (CVE-2021-28550) should be considered critical in terms of establishing a remediation plan. It is recommended that if you have an affected model that you remediate within 24-48 hours via an emergency change. Other critical vulnerabilities need to be addressed as well (see below).
| Vulnerability Category | Vulnerability Impact | Severity | CVE Number |
|---|---|---|---|
| Buffer overflow | Arbitrary code execution | Important | CVE-2021-28561 |
| Heap-based Buffer Overflow | Arbitrary code execution | Critical | CVE-2021-28560 |
| Heap-based Buffer Overflow | Arbitrary code execution | Important | CVE-2021-28558 |
| Out-of-bounds Read | Memory leak | Critical | CVE-2021-28557 |
| Out-of-bounds Read | Arbitrary file system read | Important | CVE-2021-28555 |
| Out-of-bounds Read | Arbitrary code execution | Critical | CVE-2021-28565 |
| Out-of-bounds Write | Arbitrary code execution | Critical | CVE-2021-28564 |
| Out-of-bounds Write | Arbitrary code execution | Critical | CVE-2021-21044
CVE-2021-21038 CVE-2021-21086 |
| Exposure of Private Information | Privilege escalation | Important | CVE-2021-28559 |
| Use After Free | Arbitrary code execution | Critical | CVE-2021-28562
CVE-2021-28550 CVE-2021-28553 |
Affected Versions:
The following are all the versions that are affected with this recent zero day:
- Windows Acrobat DC & Reader DC (versions 2021.001.20150 and earlier)
- macOS Acrobat DC & Reader DC (versions 2021.001.20149 and earlier)
- Windows & macOS Acrobat 2020 & Acrobat Reader 2020 (2020.001.30020 and earlier versions)
- Windows & macOS Acrobat 2017 & Acrobat Reader 2017 (2017.011.30194 and earlier versions)
The Vulnerability:
This zero-day leverages a use-after-free memory corruption flaw that affects Adobe Reader for Windows that has been exploited in the wild in limited attacks.
The Remediation:
Patch the appliance to the most current release of the software (2021.001.20155)
- The latest product versions are available to end users via one of the following methods:
- Users can update their product installations manually by choosing Help > Check for Updates.
- The products will update automatically, without requiring user intervention, when updates are detected.
- The full Acrobat Reader installer can be downloaded from the Acrobat Reader Download Center.
- For IT administrators (managed environments):
- Refer to the specific release note version for links to installers.
- Install updates via your preferred methodology, such as AIP-GPO, bootstrapper, SCUP/SCCM (Windows), or on macOS, Apple Remote Desktop and SSH.
|
Product |
Track |
Updated Versions |
Platform |
Priority Rating |
Availability |
|
Acrobat DC |
Continuous |
2021.001.20155 |
Windows and macOS |
1 |
|
|
Acrobat Reader DC |
Continuous |
2021.001.20155 |
Windows and macOS |
1 |
|
|
|
|
|
|
|
|
|
Acrobat 2020 |
Classic 2020 |
2020.001.30025 |
Windows and macOS |
1 |
|
|
Acrobat Reader 2020 |
Classic 2020 |
2020.001.30025 |
Windows and macOS |
1 |
|
|
|
|
|
|
|
|
|
Acrobat 2017 |
Classic 2017 |
2017.011.30196 |
Windows and macOS |
1 |
|
|
Acrobat Reader 2017 |
Classic 2017 |
2017.011.30196 |
Windows and macOS |
1 |
Reference:
https://helpx.adobe.com/security/products/acrobat/apsb21-29.html
