Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
Alerts

Critical Zero-day Vulnerability Affecting Adobe Acrobat and Reader

13 September 2023

Adobe has released security updates addressing a zero-day vulnerability (CVE-2023-26369) affecting their Acrobat and Reader products. The vulnerability is reportedly being actively exploited.

Successful exploitation of the out-of-bounds write vulnerability would allow an attacker to perform arbitrary code execution.

The vulnerability affects the following versions for all MacOS and Windows platforms:

  • Acrobat DC Continuous 23.003.20284 and earlier versions

  • Acrobat Reader DC Continuous 23.003.20284 and earlier versions

  • Acrobat 2020 Classic 2020 20.005.30516 (Mac), 20.005.30514 (Win), and earlier versions

  • Acrobat Reader 2020 Classic 2020 20.005.30516 (Mac), 20.005.30514 (Win), and earlier versions

Users and administrators of affected products are advised to update their software to the latest versions immediately.

More information is available at:

https://helpx.adobe.com/security/products/acrobat/apsb23-34.html

https://www.bleepingcomputer.com/news/security/adobe-warns-of-critical-acrobat-and-reader-zero-day-exploited-in-attacks/

Back to top