Critical Adobe Acrobat and Reader Bugs Allow RCE
On Tuesday, Adobe patched several critical and important flaws related to CVEs in Acrobat and Adobe Reader. The fixes were part of the company’s regularly scheduled security updates. 11 holes in Acrobat and Reader ranked as critical have been patched. The now-fixed flaws could allow attackers to remotely execute code as well as surpass security features built into the apps.
Most of the patched vulnerabilities were found in document-management applications for the two apps, however, one flaw was found in Adobe Lightroom’s image manipulation software. Adobe released a statement that claims none of the vulnerabilities addressed in yesterday’s security updates were being actively exploited in the wild.