Perhaps more worryingly, Adobe also revealed that it has received a report that one of the vulnerabilities ( CVE-2021-28550) was being actively used to target Adobe Reader users on Windows in “limited attacks”.
Stating that the security updates for both Adobe Acrobat and Reader for Windows and macOS were released to address multiple critical and important software vulnerabilities, the company said that if a malicious actor was able to exploit the flaws, it could grant them the ability to execute arbitrary code (read: dangerous commands) on the current user’s system. Also read: Adobe updates Photoshop with native support for M1 Macs
