Update Your Adobe Acrobat Reader Now to Patch Critical Flaw

CVECVE-2023-26423
CVSScvssV3_1: 7.8
SourceCVE-2023-26423

Adobe Acrobat Reader, the popular PDF document viewer, has a high severity vulnerability that could allow hackers to take control of your computer.

The vulnerability, tracked as CVE-2023-26423 with a CVSS score of 7.8, is a use-after-free bug that exists in Adobe Acrobat Reader versions 23.001.20093 and earlier as well as version 20.005.30441 and earlier. This type of bug occurs when the application fails to properly clean up memory after freeing an object. Hackers can exploit this to run arbitrary code on the victim’s machine.

To carry out the attack, hackers would need to trick victims into opening a specially crafted malicious PDF file. Simply viewing the file could enable the execution of malware or spyware on the user’s computer without their knowledge.

If exploited, this vulnerability would allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights. Essentially, it gives the hacker complete control of the affected system.

The best way to protect yourself is to update to the latest version of Adobe Acrobat Reader, which patches this security hole. You should also be cautious about opening files from untrusted sources. Staying on top of software updates is one of the best ways to defend against cyber threats targeting known vulnerabilities.

References