← Back to stories A cybersecurity expert inspecting lines of code on multiple monitors in a dimly lit office.
Photo by Mikhail Nilov on Pexels
凤凰科技 2026-04-14

Adobe patches zero-day vulnerability in PDF reader that had been exploited by hackers for at least four months

What happened

Adobe has released an emergency update for Acrobat and Reader to fix a critical zero‑day vulnerability that reportedly has been exploited in the wild for at least four months. The company’s security bulletin urges users and administrators to apply the patch immediately. PDFs are a common attack vector; a single malicious document can deliver remote code execution if the reader is vulnerable.

Technical and exploitation details

Adobe described the flaw as a memory‑corruption bug that could allow an attacker to run arbitrary code when a victim opens a specially crafted PDF. It has been reported that attackers weaponized the bug in targeted campaigns, delivering malware via email and web downloads. Adobe’s bulletin lists patched versions for Windows and macOS; affected organizations should prioritize updating managed endpoints and scanning for indicators of compromise.

Who was targeted — and how worried should you be?

Who was targeted remains unclear. It has been reported that the exploitation was focused and not a broad spray, but Adobe did not publicly attribute the attacks to any group. Why the long window of active exploitation matters is simple: PDF readers are ubiquitous in government, finance and enterprise workflows. A compromise here can be a beachhead into critical networks. So yes — this is serious.

What organisations should do now (and the wider context)

Apply Adobe’s update at once. Where immediate patching is difficult, mitigate by disabling JavaScript in Reader, blocking suspicious PDF attachments at the gateway, and enforcing least‑privilege for desktop apps. For Chinese readers and organisations used to different domestic software ecosystems: ensure patched binaries come from Adobe’s official distribution channels and verify integrity where possible. In an age of cross‑border tech tensions and export controls, timely patching and good cyber‑hygiene remain the simplest — and most effective — defence.

Space
View original source →