“The Protected Mode (sandbox) is a core architecture change and covers all the features and workflows in Acrobat. In addition to patching these vulnerabilities, today’s update to Acrobat DC on Mac also adds Protected Mode to further address security concerns.
A normal user on macOS(with SIP enabled) can locally exploit this vulnerabilities chain to elevate privilege to the ROOT without a user being aware.Īs Gizmodo points out, the one important thing to note is that the hacker would need physical access to your Mac to take advantage of this vulnerability. The only requirement needed to trigger the vulnerabilities is that Adobe Acrobat Reader DC has been installed. Today, Adobe Acrobat Reader DC for macOS patched three critical vulnerabilities(CVE-2020-9615, CVE-2020-9614, CVE-2020-9613) I reported. Sun reported the vulnerabilities to Adobe directly, explaining that even with macOS System Integrity Protection enabled, the flaw could have allowed system-level access to an Adobe Acrobat DC user’s Mac. The issue, as highlighted by Gizmodo, could have allowed root access to a Mac without being detected. Adobe has pushed a critical update to Adobe Acrobat for macOS today, fixing a trio of vulnerabilities reported by Tencent Security Xuanwu Lab researcher Yuebin Sun.