Adobe Patches 22 Critical Vulnerabilities in Acrobat

July 14, 2022

Adobe Patches 22 Critical Vulnerabilities in Acrobat

Adobe has released a major security update for Acrobat and Reader products, addressing at least 22 reported vulnerabilities, some of which might lead to arbitrary code execution attacks.

The Vulnerabilities

  • The vulnerabilities have been documented as ‘use-after-free’ and ‘out-of-bounds read’ memory safety issues that could expose computer users to arbitrary code execution and memory leak attacks.
  • The full list of vulnerabilities appears in the following Advisory under the heading Vulnerability Details.

Affected Products

  • Acrobat DC
  • Acrobat Reader DC
  • Acrobat 2020
  • Acrobat 2017
  • Acrobat Reader 2017

Mitigation

CYREBRO recommends updating software installations to the latest versions.

Additional updates

A code execution vulnerability in RoboHelp (rated important), two code execution and memory leak vulnerabilities in Photoshop (Windows and macOS), and two severe bugs in Adobe Character Animator for Windows and macOS were also fixed as part of Adobe’s Patch Tuesday release.

Before updates were made available, Adobe said it was not aware of any vulnerabilities being used in the wild.

 

References: Adpbe Advisory

Sign Up for Updates