Every macOS user who uses Adobe Acrobat DC needs to apply the latest patch rolled out today by Adobe (version 20.009.20063) as it fixes three critical vulnerabilities, one of which allows local users to exploit Adobe Acrobat DC to gain root access to a macOS computer without being detected (via Gizmodo).
According to Tencent Security researcher Yuebin Sun, even with macOS’s built-in System Integrity Protection enabled, it’s possible to use Adobe Acrobat’s security flaw to gain system-level access to a user’s entire machine. This is because a critical process in Acrobat runs as root instead of being sandboxed.
Adobe notes that its latest patch adds a Protected Mode that sandboxes the app and “covers all the features and workflows in Acrobat.”
Adobe says its new Protected Mode is a change to Acrobat’s core architecture and should address the app’s previous security concerns.
However, Protected Mode is turned off by default, so if you’re really concerned about security, you’ll need to take a few steps after updating Acrobat to the latest version. Open Acrobat, go to the Edit menu, select Preferences, and from the Categories section, select Security and click the checkbox that says Enable Protected Mode at Startup (Preview).
The update also includes other improvements, such as a streamlined Fill & Sign experience and a simplified redaction tool. To learn more about enabling the Protected Mode, visit this support page.