Adobe Reader Critical Zero-Day Vulnerability

THE THREAT

On February 9, 2021, Adobe announced security patches for a variety of vulnerabilities affecting their products, including a previously unidentified zero-day vulnerability. The zero-day vulnerability (CVE-2021-21017) affects Adobe Reader on Windows and macOS devices and is being actively exploited in the wild for users on Windows. CVE-2021-21017 is a heap-based buffer overflow vulnerability, that if exploited allows for remote code execution. The vulnerability is rated as critical by Adobe.

As this vulnerability is already being exploited by actors in the wild, it is highly recommended that organizations test and deploy the official Adobe patch as soon as possible.

What we’re doing about it

• MVS will automatically add the relevant checks for CVE-2021-21017 once details are made available
• eSentire security teams continue to track this topic for additional details and detection opportunities

What you should do about it

• After performing a business impact review, apply the security patches provided by Adobe

Additional information

Details relating to attacks exploiting CVE-2021-21017 in the wild are currently not publicly available. eSentire security teams are actively tracking this threat for additional details.

Outside of CVE-2021-21017, Adobe released 16 other vulnerabilities ranked as critical, along with a variety of less severe vulnerabilities. At this time, only CVE-2021-21017 has been identified as being exploited in the wild. It is recommended that organizations apply all relevant Adobe patches as soon as possible to avoid being impacted by this vulnerability.

References:

[1] https://helpx.adobe.com/security/products/acrobat/apsb21-09.html