Adobe releases updates (APSB21-55) to fix several critical vulnerabilities in Reader and Acrobat

Adobe releases updates (APSB21-55) to fix several critical vulnerabilities in Reader and Acrobat

Hello everyone,

 

In this month's security release, Adobe has fixed several critical, important, and moderate security vulnerabilities in Reader and Acrobat for Windows and macOS. If these vulnerabilities are exploited, they could cause arbitrary code execution in the context of the current user.

 

The details of the vulnerabilities fixed are as follows:

 CVE-ID
 Severity
 Impact
 CVE-2021-39841
 Critical
 Arbitrary code execution
 CVE-2021-39863
 Critical
 Arbitrary code execution
 CVE-2021-39857

 CVE-2021-39856

 CVE-2021-39855
 Moderate
 Arbitrary file system read
 CVE-2021-39844
 Critical
 Memory leak
 CVE-2021-39861
 Important
 Memory leak
 CVE-2021-39858
 Moderate
 Arbitrary file system read
 CVE-2021-39843
 Critical
 Memory leak
 CVE-2021-39846
 CVE-2021-39845
 Critical
 Arbitrary code execution
 CVE-2021-35982
 Important
 Arbitrary code execution
 CVE-2021-39840

 CVE-2021-39842

 CVE-2021-39839

 CVE-2021-39838

 CVE-2021-39837

 CVE-2021-39836
 Critical
 Arbitrary code execution
 CVE-2021-39860
 Important
 Memory leak
 CVE-2021-39852
 Critical
 Application denial-of-service
 CVE-2021-39854

 CVE-2021-39853

 CVE-2021-39850

 CVE-2021-39849
 Important
 Application denial-of-service
 CVE-2021-39851
 Important
 Application denial-of-service

 The affected versions include:
  • Acrobat DC Continuous - 2021.005.20060 and earlier versions      

  • Acrobat Reader DC Continuous - 2021.005.20060 and earlier versions          

  • Acrobat 2017 Classic 2017 - 2017.011.30199  and earlier versions   

  • Acrobat Reader 2017 Classic 2017 - 2017.011.30199  and earlier versions             

  • Acrobat 2020 Classic 2020  -  2020.004.30006 and earlier versions

  • Acrobat Reader 2020 Classic 2020 - 2020.004.30006 and earlier versions   


To patch these vulnerabilities, initiate a sync between the Desktop Central server and the Central Patch repository. Search for the following Patch IDs or Bulletin IDs and install them in your target systems.

 Patch ID
 Bulletin ID
 Description
 321390
 TU-753
 Adobe Acrobat 2017 Pro and Standard (Acrobat 2017 Track) update - All languages (17.011.30202) (APSB21-55)
 321391
 TU-1222
 Adobe Acrobat 2020 (Classic Track) (20.004.30015) (APSB21-55)
 321392
 TU-137
 Adobe Acrobat DC Pro and Standard (Continuous Track) update - All languages (21.007.20091) (APSB21-55)
 321393
 TU-754
 Adobe Acrobat Reader 2017 MUI (Classic Track) (17.011.30202) (APSB21-55)
 321394
 TU-1178
 Adobe Acrobat Reader 2020 MUI (Classic Track) (20.004.30015) (APSB21-55)
 321395
 TU-072
 Adobe Acrobat Reader DC (21.007.20091) (APSB21-55)
 321396
 TU-073
 Adobe Acrobat Reader DC MUI (21.007.20091) (APSB21-55)

Cheers,

The ManageEngine Team