The software company has released a security update for Windows and macOS users, urging them to apply the patch as soon as possible in order to reduce the risk of an attack.
In a statement, the firm said: “Adobe is aware that CVE-2023-26369 has been exploited in the wild in limited attacks targeting Adobe Acrobat and Reader.”
Adobe Acrobat and Reader patch
Details about the vulnerability remain scarce given the fresh nature of the discovery, however the software maker did confirm that: “Successful exploitation could lead to arbitrary code execution.”
Acrobat DC and Acrobat Reader DC versions 23.003.20284 and earlier have been confirmed to be affected, as have 2020 versions of both software running build 20.005.30516 and earlier for macOS and 20.005.30514 and earlier for Windows.
Adobe’s latest software updates for its PDF programs, which became available on September 12, address a series of security issues. They also introduce some feature changes and enhancements, including the ability to reposition quick tools, new undo and redo options in the top menu bar, drag-and-drop support for combining files, and more.
The San Jose-based company also issued further updates across its range of products, including Adobe Connect and Adobe Experience Manager software, which allowed attackers to gain arbitrary code execution on unpatched devices.
The discovery of vulnerabilities in Adobe’s software is not ideal, but nor is it alarming. Companies release security fixes for their software on a regular basis in order to iron out vulnerabilities and protect users, and the fact that the company responded with speed is admirable.
Adobe or not, anybody using any digital service should keep an eye on software and firmware updates that become available, installing them as soon as possible.