Adobe has fixed a critical vulnerability in Acrobat Reader that allowed attackers to compromise the system via PDF files
Adobe releases emergency update for Acrobat Reader
Adobe announced the release of a critical patch that closes a vulnerability attackers have been exploiting since December 2025.
Update as soon as possible:
- Acrobat Reader – version 26.001.21411
- Acrobat 2024 – versions 24.001.30362 (Windows) and 24.001.30360 (macOS)
What happened
The BleepingComputer article dated April 10 describes a serious vulnerability in Acrobat Reader that can be used to steal users’ confidential data.
- Researcher Haifei Li reported that attackers are using a sophisticated method to attack via a PDF file.
- The attack relies on detecting system parameters and uses a zero‑day vulnerability.
- The vulnerability has been exploited since December 2025, i.e., for more than four months.
How the attack works
1. No action required from the user – just opening an infected PDF is enough.
2. The attacker can:
   - Collect and steal data from the local device;
   - Execute arbitrary code (RCE);
   - Bypass the sandbox (SBX).
As a result, full control over the victim’s system may be achieved.
Adobe’s recommendation:
Update Acrobat Reader or Acrobat 2024 to the specified versions as soon as possible to protect against this threat.