Adobe has issued multiple security advisories with patches for critical vulnerabilities in a wide range of software products, including the ever-present Adobe Acrobat and Reader application.
The Mountain View, Calif.-based Adobe urged Windows and macOS users to treat the PDF Reader patch with the utmost priority, because the flaws expose machines to remote code execution and privilege escalation attacks.
The Acrobat and Reader update patches at least 19 documented vulnerabilities, all carrying the “critical” or “important” security ratings.
”Successful exploitation could lead to arbitrary code execution in the context of the current user,” Adobe warned, noting that most of the flaws are memory safety issues.
In addition to the Acrobat and Reader patches, Adobe also provided cover for another 10 documented flaws in products in Adobe Illustrator, Adobe Framemaker, Adobe Dimension and Adobe Bridge.
Here’s the full list of advisories released on Tuesday:
- APSB21-40 – Adobe Dimension (critical, code execution)
- APSB21-42 – Adobe Illustrator (critical, code execution)
- APSB21-45 – Adobe Framemaker (critical, code execution)
- APSB21-51 – Adobe Acrobat and Reader (critical, code execution)
- APSB21-53 – Adobe Bridge (critical, code execution)
Adobe said it was not aware of any public exploits targeting any of the security defects.
Related: Adobe: Windows Users Hit by PDF Reader Zero-Day
Related: Adobe Patches Reader Vulnerability Exploited in the Wild
Related: Adobe Patches Major Security Flaws in PDF Reader, Photoshop

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.
More from Ryan Naraine
- Comcast Wants a Slice of the Enterprise Cybersecurity Business
- VMware Confirms Exploit Code Released for Critical vRealize Logging Vulnerabilities
- Gem Security Gets $11 Million Seed Investment for Cloud Incident Response Platform
- Ransomware Leads to Nantucket Public Schools Shutdown
- Sentra Raises $30 Million for DSPM Technology
- Saviynt Raises $205M; Founder Rejoins as CEO
- OpenVEX Spec Adds Clarity to Supply Chain Vulnerability Warnings
- Tenable Launches $25 Million Early-Stage Venture Fund
Latest News
- Comcast Wants a Slice of the Enterprise Cybersecurity Business
- Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping
- New York Attorney General Fines Vendor for Illegally Promoting Spyware
- SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022
- 20 Million Users Impacted by Data Breach at Instant Checkmate, TruthFinder
- Cyber Insights 2023 | Zero Trust and Identity and Access Management
- Cyber Insights 2023 | The Coming of Web3
- European Police Arrest 42 After Cracking Covert App
