F1TYM1

Adobe’s PDF opening and creating applications have a serious security flaw: update NOW

In the market we can find a large number of applications that allow us to create, edit and read files in PDF format, as well as to create documents, however, the most used solutions in both cases are from Adobe and Microsoft.

The main advantage of using the software from both manufacturers is that they include a large number of functions making them the most complete on the market. While it is true that to access this you have to check out, if we value functionality above all, they are the best option.

If we also do not want to forget about security, both software developers are also the best option since, when any new vulnerability is detected, they quickly patch it and inform their clients to update their applications.

The latest news related to a security problem does not come from Windows or Chrome (as is usually the case) but from Adobe. As we can read on the Adobe blog, the company has released several security updates that solve type zero vulnerabilities in Acrobat DC and Reader, vulnerabilities that allow strangers to carry out attacks.

The problem with this new vulnerability is that it is of the zero-day type, that is, a vulnerability that has always been in the application so it may have been exploited by other people’s friends for a long time. It is also possible that it has never been used, although this is unlikely.

Adobe Acrobat Reader Vulnerability

Applications affected by the vulnerability

This vulnerability has been named CVE-2023-26369, a vulnerability that allows attackers execute arbitrary code. According to Adobe, very complex code is not necessary to take advantage of this security problem, however, to make it work it can only be done locally and, in addition, requires intervention by the user (through a file received by mail or downloaded from the Internet).

Despite having to carry out the attack locally and requiring user intervention, the creator of the PDF format has given it the highest dangerousness score and, as expected, has released an update that solves this problem. The versions of Adobe Acrobat and Adobe Reader affected for this problem are:

  • Adobe Acrobat DC 23.003.20284 and earlier
  • Adobe Reader DC 23.023.20284 and earlier
  • 20.005.30516 and earlier for Acrobat 2020 for Mac
  • 20.005.30514 and earlier for Acrobat 2020 for Windows
  • 20.005.30516 and earlier for Acrobat Reader 2020 for Mac
  • Acrobat Reader Acrobat for Windows 20.005.30514 and earlier

To update these applications, we just have to access the Help – Updates menu. We can also run them and wait for the application to verify that there is a new update so that it can proceed to download and install it.

Once it has been shown that the best way for our Windows computer to be completely safe from any vulnerability is to update both the operating system and all the applications that we use daily whenever a new version is released.

In:

Tags:

, , , , , , , , , , ,