Adobe patches a zero-day along with several critical and important vulnerabilities in Acrobat and Reader

Hello everyone,

Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user.       

Adobe has also patched CVE-2021-21017, which has been exploited in the wild in limited attacks targeting Adobe Reader users on Windows.

The details of vulnerabilities patched are as follows: 


| CVE ID | Vulnerability | Impact | Severity |
|---|---|---|---|
| CVE-2021-21046 | Buffer overflow | Application denial-of-service | Important |
| CVE-2021-21017 | Heap-based Buffer Overflow | Arbitrary code execution | Critical |
| CVE-2021-21037 | Path Traversal | Arbitrary code execution | Critical |
| CVE-2021-21036 | Integer Overflow | Arbitrary code execution | Critical |
| CVE-2021-21045 | Improper Access Control | Privilege escalation | Critical |
| CVE-2021-21042, CVE-2021-21034 | Out-of-bounds Read | Privilege escalation | Important |
| CVE-2021-21061 | Use-after-free | Information Disclosure | Important |
| CVE-2021-21044, CVE-2021-21038 | Out-of-bounds Write | Arbitrary code execution | Critical |
| CVE-2021-21058, CVE-2021-21059, CVE-2021-21062, CVE-2021-21063 | Buffer overflow | Arbitrary code execution | Critical |
| CVE-2021-21057 | NULL Pointer Dereference | Information Disclosure | Important |
| CVE-2021-21060 | Improper Input Validation | Information Disclosure | Important |
| CVE-2021-21041, CVE-2021-21040, CVE-2021-21039, CVE-2021-21035, CVE-2021-21033, CVE-2021-21028, CVE-2021-21021 | Use After Free | Arbitrary code execution | Critical |

To patch these vulnerabilities using Desktop Central, initiate a sync between the Central Patch Repository and the Desktop Central server. Once synced, search for the Patch IDs or Bulletin IDs relevant to the updates you want installed and deploy them to your target systems.

| Patch ID | Bulletin ID | Patch Description |
|---|---|---|
| 318297 | TU-137 | Adobe Acrobat DC Pro and Standard (Continuous Track) update - All languages (21.001.20135) (APSB21-09) |
| 318299 | TU-072 | Adobe Acrobat Reader DC (21.001.20135) (APSB21-09) |
| 318300 | TU-073 | Adobe Acrobat Reader DC MUI (21.001.20135) (APSB21-09) |
| 318296 | TU-753 | Adobe Acrobat 2017 Pro and Standard (Acrobat 2017 Track) update - All languages (17.011.30190) (APSB21-09) |
| 318298 | TU-754 | Adobe Acrobat Reader 2017 MUI (Classic Track) (17.011.30190) (APSB21-09) |
| 318302 | TU-1178 | Adobe Acrobat Reader 2020 MUI (Classic Track) (20.001.30020) (APSB21-09) |
| 318303 | TU-1222 | Adobe Acrobat 2020 (Classic Track) (20.001.30020) (APSB21-09) |

Cheers,

The ManageEngine team 


