Adobe: Critical Flaws in Reader, Acrobat, Illustrator

Adobe has issued multiple security advisories with patches for critical vulnerabilities in a wide range of software products, including the ever-present Adobe Acrobat and Reader application.

The Mountain View, Calif.-based Adobe urged Windows and macOS users to treat the PDF Reader patch with the utmost priority, because the flaws expose machines to remote code execution and privilege escalation attacks.

The Acrobat and Reader update patches at least 19 documented vulnerabilities, all carrying the “critical” or “important” security ratings. 

”Successful exploitation could lead to arbitrary code execution in the context of the current user,” Adobe warned, noting that most of the flaws are memory safety issues.

In addition to the Acrobat and Reader patches, Adobe also provided cover for another 10 documented flaws in products in Adobe Illustrator, Adobe Framemaker, Adobe Dimension and Adobe Bridge.

Here’s the full list of advisories released on Tuesday:

• APSB21-40 – Adobe Dimension (critical, code execution)
• APSB21-42 – Adobe Illustrator (critical, code execution)
• APSB21-45 – Adobe Framemaker (critical, code execution)
• APSB21-51 – Adobe Acrobat and Reader (critical, code execution)
• APSB21-53 – Adobe Bridge (critical, code execution)

Adobe said it was not aware of any public exploits targeting any of the security defects.

Related: Adobe: Windows Users Hit by PDF Reader Zero-Day

Related: Adobe Patches Reader Vulnerability Exploited in the Wild

Related: Adobe Patches Major Security Flaws in PDF Reader, Photoshop