Skip to main content

Update Adobe Acrobat Reader To Patch Security Issue

By November 12, 2020May 5th, 2022Cybersecurity

A lot of people have a complicated relationship with Adobe Acrobat reader.

On the one hand, it’s an undeniably useful piece of software and one of the most widely installed and used on the planet.

There’s simply no better and more convenient way to view PDFs, no matter what kind of device you’re using.

On the other hand, the Acrobat Reader is notoriously riddled with bugs and security flaws, and Adobe is forever playing defense. They’re gamely trying to patch each new issue as it is discovered. Recently, the company released a major patch that addresses a total of fourteen different security flaws, with ten of the fourteen being rated as either critical or important.

Here’s a quick overview of the flaws that are addressed by the latest patch:

  • CVE-2020-24435 – Critical – Arbitrary Code Execution
  • CVE-2020-24433 – Important – Local Privilege Escalation
  • CVE-2020-24432 – Important – Arbitrary JavaScript Execution
  • CVE-2020-24439 – Moderate – Minimal (defense in depth) Fix
  • CVE-2020-24429 – Important – Local Privilege Escalation
  • CVE-2020-24427 – Important – Improper Information Disclosure
  • CVE-2020-24431 – Important – Dynamic Library Injection
  • CVE-2020-24436 – Critical – Arbitrary Code Execution
  • CVE-2020-24426 – Moderate – Improper Information Disclosure
  • CVE-2020-24434 – Moderate – Improper Information Disclosure
  • CVE-2020-24428 – Important – Local Privilege Escalation
  • CVE-2020-24430 – Critical – Arbitrary Code Execution
  • CVE-2020-24437 – Critical – Arbitrary Code Execution
  • And CVE-2020-24438 – Moderate – Improper Information Disclosure

Needless to say, this is a big, important patch. Even if you don’t normally make Acrobat Reader updates a priority, this should be an exception to that rule. The faster you get all copies of the software updated on your network, the safer and more secure your system will be.

Hopefully, the day will come when Adobe can stop playing defense and the pace of newly discovered security issues will begin to slow to a trickle. Until that happens though, kudos to Adobe for their fast action and continued efforts to plug the security holes in their widely used Reader software.

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.