On Tuesday 11th of May, Adobe released a patch for multiple critical vulnerabilities in Adobe Reader and Acrobat on Windows and MacOS. Adobe indicates in the “Adobe Security Bulletin” that one of the vulnerabilities, CVE-2021-28550, has been exploited in the wild targeting Adobe Reader users on Windows. Via this message, we would like to inform you about the threat, and the possible mitigation steps that can be taken.
Adobe did not release technical specifics regarding the vulnerabilities. The vulnerabilities could lead to arbitrary code execution in the context of the current user. This makes it possible for an attacker to create a specifically prepared PDF file that, when opened by Adobe Reader, can execute arbitrary code. The attacker can use this to install malware on the system. Therefore, Northwave assesses the impact as high.
No public exploit code is available currently, however Adobe indicates that one of the vulnerabilities, CVE-2021-28550, has been exploited in the wild targeting Adobe Reader users on Windows. Therefore, Northwave assesses the risk of this vulnerability to be high.
Adobe released patches to resolve these vulnerabilities. Northwave recommends installing the patch immediately. There are no other known mitigations available at the moment.
What will Northwave do?
Northwave will monitor any developments regarding this vulnerability. If new critical information about this threat arises, we will reach out to you. If you need additional information, you can call us by phone or send us an email.