Adobe Acrobat Reader Vulnerabilities v25.001.21111

Question

We’re on the latest reader version that I’m aware of and still have Windows Defender showing the following:

openssl 3.0.18.0 'c:\program files (x86)\adobe\acrobat reader dc\reader\rdrtools\libcrypto-3.dll'

openssl 3.4.3.0 'c:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\libcrypto-3.dll', 'c:\program files (x86)\adobe\acrobat reader dc\reader\plug_ins\libssl-3.dll'

Do you have a way of fixing these vulnerabilities in the program that is using older OpenSSL libraries?

creative explorer · Answer

​@accesssYes, the latest Acrobat Reader (25.001.21111) version (https://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotesDC/index.html) is probably the first and most important step. If Adobe has already shipped a build that updates or replaces those OpenSSL libraries, updating the application is the only legitimate fix. If Defender continues to flag the older OpenSSL DLLs—unfortunately, there is nothing you can do locally to “fix” the vulnerability, you just have to wait until Adobe fixes it.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded