Adobe has pushed a critical update to Adobe Acrobat for macOS today, fixing a trio of vulnerabilities reported by Tencent Security Xuanwu Lab researcher Yuebin Sun. The issue, as highlighted by Gizmodo, could have allowed root access to a Mac without being detected.
Sun reported the vulnerabilities to Adobe directly, explaining that even with macOS System Integrity Protection enabled, the flaw could have allowed system-level access to an Adobe Acrobat DC user’s Mac.
Today, Adobe Acrobat Reader DC for macOS patched three critical vulnerabilities (CVE-2020-9615, CVE-2020-9614, CVE-2020-9613) I reported. The only requirement needed to trigger the vulnerabilities is that Adobe Acrobat Reader DC has been installed. A normal user on macOS (with SIP enabled) can locally exploit this vulnerability chain to elevate privilege to the ROOT without a user being aware.
As Gizmodo points out, the one important thing to note is that the hacker would need physical access to your Mac to take advantage of this vulnerability.
In addition to patching these vulnerabilities, today’s update to Acrobat DC on Mac also adds Protected Mode to further address security concerns. “The Protected Mode (sandbox) is a core architecture change and covers all the features and workflows in Acrobat. By default, the Protected Mode is turned off,” Adobe explains.
How to enable Protected Mode:
- On the menu, go to Edit > Preferences.
- From the Categories, click Security (Enhanced), and then select Enable Protected Mode at Startup (Preview).
- Quit Acrobat and relaunch.
Other changes in today’s update to Adobe Acrobat DC include a new streamlined Fill & Sign experience, a new Sign menu, and more.
For the full technical details of these vulnerabilities, you can read Sun’s full breakdown here. The details on the Adobe Acrobat DC update can be found here. To update your version of Adobe Acrobat, open the app on your Mac and go to Help then Check for Updates.