Zero-days under active exploit are keeping Windows users busy
It’s the second Tuesday of February, and that means Microsoft and other software makers are releasing dozens of updates to fix security vulnerabilities. Topping off this month’s list are two zero-days under active exploit and critical networking flaws that allow attackers to remotely execute malicious code or shut down computers.
The most important patch fixes a code-execution flaw in Adobe Reader, which despite its long-in-the-tooth status remains widely used for viewing and working with PDF documents. CVE-2021-21017, as the critical vulnerability is tracked, stems from a heap-based buffer overflow. After being tipped off by an anonymous source, Adobe warned that the flaw has been actively exploited in limited attacks that target Reader users running Windows.
Adobe didn’t provide additional details about the vulnerability or the in-the-wild attacks exploiting it. Typically, hackers use specially crafted documents sent by email or published online to trigger the vulnerability and execute code that installs malware on the device running the application. Adobe’s use of the word “limited” likely means that the hackers are narrowly focusing their attacks on a small number of high-value targets.