CVE-2022-44520

Name of the Vulnerable Software and Affected Versions Acrobat Reader DC versions 17.012.30205 through 22.001.20085 Acrobat Reader DC versions 20.005.3031x and earlier

Description A use-after-free vulnerability in Adobe Acrobat and Reader could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction, as a victim must open a malicious file. The vulnerability is related to the use of memory after it has been freed.

Recommendations For versions 17.012.30205 through 22.001.20085, update to a version later than 22.001.20085 to resolve the issue. For versions 20.005.3031x and earlier, update to a version later than 20.005.3031x to resolve the issue. As a temporary workaround, consider avoiding the use of the affected Adobe Acrobat and Reader software until a patch is available. Avoid opening malicious files to minimize the risk of exploitation.