Adobe has released a massive patch yesterday that fixes issues with twelve different applications, including one actively exploited vulnerability in Adobe Reader. The patched applications include Adobe Experience Manager, Adobe InDesign, Adobe Illustrator, Adobe InCopy, Adobe Genuine Service, Adobe Acrobat and Reader, Magento, Adobe Creative Cloud Desktop Application, Adobe Media Encoder, Adobe After Effects, Adobe Medium, and Adobe Animate. Of particular concern, Adobe warns that one of the Adobe Acrobat and Reader vulnerabilities tracked as CVE-2021-28550 has been exploited in the wild in limited attacks against Adobe Reader on Windows devices. This flaw is a remote code execution vulnerability that could allow an attacker to execute commands in Windows, including running malware and possibly taking over the victim’s computer. In total, there are 43 vulnerabilities fixed, not including dependencies in Adobe Experience Manager.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased