Adobe updates available for Acrobat and Reader
The security updates eliminate security vulnerabilities classified as critical.
Adobe has released security updates for the PDF tools Acrobat and Acrobat Reader. The updates fix security vulnerabilities classified as critical.
Adobe seems to be increasingly deviating from its longstanding practice of releasing security updates on Microsoft Patch Day. This month Adobe released important updates for Acrobat and Acrobat Reader a week late without an urgent reason being apparent. For all vulnerabilities closed with these updates, Adobe only shows priority 2. Attacks that exploit one of the vulnerabilities are not yet known.
The Adobe Security Bulletin APSB20-67 lists a total of 14 security vulnerabilities, as of which Adobe has classified four as critical. Six vulnerabilities are classified as high, four as medium risk. The vulnerabilities classified as critical allow an attacker to smuggle in arbitrary code using prepared PDF files and to execute this with the permissions of the logged on user.
You can find the current Adobe Security Bulletins here.