Adobe has fixed vulnerabilities in its flagship document-reading apps, Acrobat DC, Reader DC, and Acrobat 2024. These vulnerabilities have been actively exploited by hackers for at least four months.
The vulnerability, officially tracked as CVE-2026-34621, allows hackers to remotely plant malware on a user’s device by tricking the user into opening a maliciously crafted PDF file on a Windows device or macOS computer. This exploit targets a vulnerability in some versions of Adobe Reader software.
It is still unclear how many people were affected by this hacking operation. Adobe said in a note on its website that it is aware of the bug, known as a zero-day exploit, suggesting hackers were using it to break into people’s computers before Adobe fixed it.
It’s not clear who is behind the hacking efforts, but Adobe’s PDF-reading software is so widely available that it has been a consistent target for cybercriminals and government-sponsored hackers, who have exploited weaknesses in the software to steal data from people’s computers.
Haifei Li, a security researcher who runs the exploit detection system EXPMON, discovered the vulnerability after someone uploaded a copy of a malicious PDF containing the exploit to a malware scanner. Another copy of the malware-filled PDF first appeared on VirusTotal, another online malware scanner, in late November 2025, Lee wrote in a blog post.
It’s not clear who the hacking campaign was targeting or why, and Lee said it was impossible to obtain additional exploits from the hackers’ servers. However, according to Lee’s analysis, opening a malicious PDF and triggering an exploit could “take complete control of the victim’s system” and give the hacker the ability to steal a wide range of data.
Adobe said Acrobat DC, Reader DC, and Acrobat 2024 are affected and urged users to update their software to the latest version.
Source link
