Adobe fixed actively exploited zero-day in Acrobat and Reader

Software giant Adobe is warning of a critical security vulnerability in the PDF Acrobat and Reader that is actively exploited in the wild.
Adobe Patch Tuesday security updates (APSB23-34) addressed a critical zero-day vulnerability actively exploited in the wild in attacks on Adobe Acrobat and Reader products.

The vulnerability, tracked as CVE-2023-26369, is an out-of-bounds write memory safety issue that can be exploited to execute arbitrary code on vulnerable installs.

“Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses a critical vulnerability. Successful exploitation could lead to arbitrary code execution .” reads the advisory, 

“Adobe is aware that CVE-2023-26369 has been exploited in the wild in limited attacks targeting Adobe Acrobat and Reader.”

The vulnerability affects both Windows and macOS installations. Below is the list of affected versions:

Product	Track	Affected Versions	Platform
Acrobat DC 	Continuous 
23.003.20284 and earlier versions	Windows &  macOS
Acrobat Reader DC	Continuous 	23.003.20284 and earlier versions
 	Windows & macOS
     	
Acrobat 2020	Classic 2020           	20.005.30516 (Mac) 20.005.30514 (Win)and earlier versions
 	Windows & macOS
Acrobat Reader 2020	Classic 2020           	20.005.30516 (Mac)20.005.30514 (Win)and earlier versions	Windows & macOS