To: All Users

As informed by the Cybersecurity Incident Alert and Response Centre (CARIC), Adobe have recently issued a security vulnerability notice about Adobe Acrobat and Acrobat Reader. Attackers can use this vulnerability to trigger the execution of arbitrary code on the target system. There are signs that related vulnerabilities have been exploited recently. Please be reminded to to update as soon as possible. 

Related vulnerabilities

Exploiting the weakness after memory reuse (CWE-416), attackers will create malicious documents and induce victims to open, which will trigger the arbitrary code execution attacks (CVE-2023-201608).

Affected Products:

• Acrobat DC and Scrobat Reader DC: 22.003.20282 (Win), 22.003.20281 (Mac) and previous versions
• Acrobat 2020 and Acrobat Reader 2020: 20.005.30418 and previous versions

For more details, please refer to: https://helpx.adobe.com/security/products/acrobat/apsb23-01.html

Mitigation
If the above-mentioned affected products are being used, please install the security updates released by Adobe as soon as possible and avoid opening any suspicious files.

Reference

• How to download and install software in a secure manner?
• Basic Knowledge of Online Safety and Security
• Other Information Security Tips

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office