Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw
Summary: Adobe has fixed zero-day vulnerability CVE-2026-34621 in Acrobat Reader, which lets a malicious PDF bypass sandbox restrictions and execute arbitrary code. Attackers can exploit it to steal files. Adobe has released an update and advises users to install the patch immediately.

2026-4-13 15:46:46 Author: www.bleepingcomputer.com (view original)


Adobe has released an emergency security update for Acrobat Reader to fix a vulnerability, tracked as CVE-2026-34621, that has been exploited in zero-day attacks since at least December.

The flaw allows malicious PDF files to bypass sandbox restrictions and invoke privileged JavaScript APIs, potentially leading to arbitrary code execution. The exploit observed in attacks enables reading and stealing arbitrary files. No user interaction is required beyond opening the malicious PDF.

Specifically, the exploit abuses APIs like util.readFileIntoStream() to read arbitrary local files and RSS.addFeed() to exfiltrate data and fetch additional attacker-controlled code.
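The two API names above are the most concrete indicator the article gives, so a triage scanner can key on them. The following is an added example, not code from the article, from EXPMON or from Adobe: it inflates FlateDecode streams in a PDF, looks for JavaScript actions, for references to util.readFileIntoStream and RSS.addFeed, and for a few generic obfuscation markers (the marker list is this example's assumption, not something the article attributes to the exploit). The sample PDFs are constructed by the script for the test; the "malicious" fixture merely names the APIs and contains no sandbox bypass.

```python
"""Triage scanner for PDFs referencing the privileged Acrobat JavaScript APIs
named in the CVE-2026-34621 reporting. Added example; only FlateDecode streams
and plaintext JavaScript are handled."""
import re
import zlib

# APIs the article says the exploit abuses.
PRIVILEGED_APIS = (b"util.readFileIntoStream", b"RSS.addFeed")
# Generic JavaScript obfuscation markers; an assumption of this example.
OBFUSCATION_HINTS = (b"eval(", b"unescape(", b"String.fromCharCode")
# A stream body between the "stream" and "endstream" keywords.
STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.DOTALL)


def _decode_streams(data: bytes) -> bytes:
    """Replace every stream body that inflates as zlib with its plaintext.
    Bodies that do not inflate (other filters, raw data) are left untouched."""
    def inflate(m):
        try:
            body = zlib.decompress(m.group(1))
        except zlib.error:
            return m.group(0)
        return b"stream\n" + body + b"\nendstream"
    return STREAM_RE.sub(inflate, data)


def scan_pdf(data: bytes) -> dict:
    """Return indicators and a verdict for raw PDF bytes."""
    plain = _decode_streams(data)
    apis = [a.decode() for a in PRIVILEGED_APIS if a in plain]
    hints = [h.decode() for h in OBFUSCATION_HINTS if h in plain]
    has_js = bool(re.search(rb"/(?:JS|JavaScript)\b", plain))
    runs_on_open = bool(re.search(rb"/(?:OpenAction|AA)\b", plain))
    if apis:                     # any privileged-API reference: quarantine
        verdict = "quarantine"
    elif has_js and (runs_on_open or hints):
        verdict = "review"       # JS that auto-runs or looks obfuscated
    else:
        verdict = "clean"
    return {"has_javascript": has_js, "runs_on_open": runs_on_open,
            "privileged_apis": apis, "obfuscation_hints": hints,
            "verdict": verdict}


def build_sample_pdf(js: str = None) -> bytes:
    """Constructed one-page PDF; if `js` is given it is stored as a
    FlateDecode-compressed JavaScript OpenAction. Test fixture only."""
    catalog = (b"<< /Type /Catalog /Pages 2 0 R"
               + (b" /OpenAction 4 0 R" if js else b"") + b" >>")
    objs = [catalog,
            b"<< /Type /Pages /Kids [3 0 R] /Count 1 >>",
            b"<< /Type /Page /Parent 2 0 R /MediaBox [0 0 200 200] >>"]
    if js:
        packed = zlib.compress(js.encode())
        objs.append(b"<< /S /JavaScript /JS 5 0 R >>")
        objs.append(b"<< /Length %d /Filter /FlateDecode >>\nstream\n" % len(packed)
                    + packed + b"\nendstream")
    out = bytearray(b"%PDF-1.7\n")
    offsets = []
    for i, body in enumerate(objs, 1):
        offsets.append(len(out))
        out += b"%d 0 obj\n" % i + body + b"\nendobj\n"
    xref = len(out)
    out += b"xref\n0 %d\n0000000000 65535 f \n" % (len(objs) + 1)
    for off in offsets:
        out += b"%010d 00000 n \n" % off
    out += (b"trailer\n<< /Size %d /Root 1 0 R >>\nstartxref\n%d\n%%%%EOF\n"
            % (len(objs) + 1, xref))
    return bytes(out)


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        with open(path, "rb") as f:
            print(path, scan_pdf(f.read()))
```

Run it as `python scan.py *.pdf`. The verdict is a triage aid, not a detection guarantee: JavaScript assembled at runtime from string fragments, stored under filters other than FlateDecode, or hidden in object streams will not match, which is why a "review" result on any auto-running JavaScript is still worth opening in an isolated analysis VM.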


The security issue was discovered by Haifei Li, founder of the EXPMON exploit detection system, after a PDF sample named "yummy_adobe_exploit_uwu.pdf" was submitted to the service for analysis.

Haifei Li says that someone submitted the sample to EXPMON on March 26, but it had been sent to VirusTotal three days before, where only five out of 64 security vendors flagged it as malicious at the time.

The researcher decided to investigate manually after the exploit detection system triggered its "detection in depth" feature, an advanced detection capability that Li developed specifically for Adobe Reader, he wrote in a blog post last week.

Security researcher Gi7w0rm spotted attacks in the wild that leveraged Russian-language documents with oil and gas industry lures.

After receiving Li's report, Adobe published a security bulletin over the weekend and assigned the vulnerability the identifier CVE-2026-34621.

Although the flaw was initially rated critical (CVSS 9.6) with a network attack vector, Adobe subsequently lowered the score to 8.6 after changing the attack vector to local, reflecting that the victim must open the file rather than be reachable over the network.

The vendor listed the following Windows and macOS products as impacted:

  • Acrobat DC versions 26.001.21367 and earlier (fixed in version 26.001.21411)
  • Acrobat Reader DC versions 26.001.21367 and earlier (fixed in version 26.001.21411)
  • Acrobat 2024 versions 24.001.30356 and earlier (fixed in version 24.001.30362 on Windows, and version 24.001.30360 on Mac)

Adobe recommends that users of the above software update their applications through ‘Help > Check for Updates,’ which triggers an automated update.
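For a fleet rather than a single desktop, the version list above is easier to apply programmatically. The following is an added example, not Adobe tooling: it compares inventory version strings against the fixed builds quoted in the bulletin, per track and platform. It assumes the installed product name (Acrobat DC, Acrobat Reader DC, or Acrobat 2024) is available from the inventory, because the version number alone does not reliably identify the track; the inventory rows in the test are constructed.

```python
"""Flag Acrobat/Reader installs still below the CVE-2026-34621 fixed builds.
Added example; fixed versions are the ones quoted from Adobe's bulletin."""
from typing import Dict, List, Tuple

# Lowest patched build per (track, platform). Acrobat DC and Acrobat Reader DC
# share one fix; Acrobat 2024 differs between Windows and macOS.
FIXED_VERSIONS: Dict[Tuple[str, str], str] = {
    ("DC", "windows"): "26.001.21411",
    ("DC", "macos"): "26.001.21411",
    ("2024", "windows"): "24.001.30362",
    ("2024", "macos"): "24.001.30360",
}


def parse_version(v: str) -> Tuple[int, int, int]:
    """'26.001.21367' -> (26, 1, 21367); rejects anything not three integers."""
    parts = v.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised Acrobat version string: {v!r}")
    major, minor, build = (int(p) for p in parts)
    return (major, minor, build)


def track_of(product: str) -> str:
    """'Adobe Acrobat 2024' -> '2024'; anything else with 'Acrobat' -> 'DC'.
    Mapping is this example's assumption about inventory naming."""
    if "Acrobat" not in product:
        raise ValueError(f"not an Acrobat product: {product!r}")
    return "2024" if "2024" in product else "DC"


def is_vulnerable(track: str, version: str, platform: str) -> bool:
    """True when `version` is older than the fixed build for that track/platform.
    'X and earlier' in the bulletin is taken literally: any lower build counts."""
    key = (track, platform.lower())
    if key not in FIXED_VERSIONS:
        raise ValueError(f"no fixed version known for {key}")
    return parse_version(version) < parse_version(FIXED_VERSIONS[key])


def triage(inventory: List[Tuple[str, str, str, str]]) -> Dict[str, List[str]]:
    """Rows are (hostname, product, version, platform). Hosts are grouped into
    'patch', 'ok', or 'unknown' (product, platform or version not covered)."""
    result: Dict[str, List[str]] = {"patch": [], "ok": [], "unknown": []}
    for host, product, version, platform in inventory:
        try:
            needs = is_vulnerable(track_of(product), version, platform)
            bucket = "patch" if needs else "ok"
        except ValueError:
            bucket = "unknown"
        result[bucket].append(host)
    return result


if __name__ == "__main__":
    # Constructed inventory rows, not real hosts.
    rows = [("ws-01", "Adobe Acrobat Reader DC", "26.001.21367", "Windows"),
            ("mac-02", "Adobe Acrobat 2024", "24.001.30360", "macOS"),
            ("ws-03", "Adobe Acrobat 2024", "24.001.30360", "Windows")]
    print(triage(rows))
```

Note the asymmetry in the Acrobat 2024 track: build 24.001.30360 is patched on macOS but still vulnerable on Windows, where the fix is 24.001.30362, so a single threshold per track would misclassify Windows hosts.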

Alternatively, users may download an Acrobat Reader installer from Adobe’s official software portal.

No workarounds or mitigations were listed in the bulletin, so applying the security updates is the only recommended action.

However, users should always be wary of PDF files sent from unsolicited sources and open them in sandboxed environments when suspicious.



文章来源: https://www.bleepingcomputer.com/news/security/adobe-rolls-out-emergency-fix-for-acrobat-reader-zero-day-flaw/
For copyright concerns, contact: admin#unsafe.sh