![]() In addition to patching these vulnerabilities, today’s update to Acrobat DC on Mac also adds Protected Mode to further address security concerns. A normal user on macOS(with SIP enabled) can locally exploit this vulnerabilities chain to elevate privilege to the ROOT without a user being aware.Īs Gizmodo points out, the one important thing to note is that the hacker would need physical access to your Mac to take advantage of this vulnerability. ![]() ![]() The only requirement needed to trigger the vulnerabilities is that Adobe Acrobat Reader DC has been installed. Today, Adobe Acrobat Reader DC for macOS patched three critical vulnerabilities(CVE-2020-9615, CVE-2020-9614, CVE-2020-9613) I reported. Sun reported the vulnerabilities to Adobe directly, explaining that even with macOS System Integrity Protection enabled, the flaw could have allowed system-level access to an Adobe Acrobat DC user’s Mac. ![]() The issue, as highlighted by Gizmodo, could have allowed root access to a Mac without being detected. Adobe has pushed a critical update to Adobe Acrobat for macOS today, fixing a trio of vulnerabilities reported by Tencent Security Xuanwu Lab researcher Yuebin Sun.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |