Acrobat Reader affected by Apache Log4j Vulnerability, CVE-2021-44228?

Community Beginner ,
Dec 13, 2021 Dec 13, 2021

Copy link to clipboard

Copied

Is anyone aware if Acrobat Reader is affected by the vulnerability below, and if so what the recommendation is to address it? 

https://nvd.nist.gov/vuln/detail/CVE-2021-44228

TOPICS
Security digital signatures and esignatures , Windows

Views

910

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Community Professional ,
Dec 14, 2021 Dec 14, 2021

Copy link to clipboard

Copied

Acrobat Reader is not affected.

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Dec 15, 2021 Dec 15, 2021

Copy link to clipboard

Copied

Thanks @Bernd Alheit, is there documentation from Adobe to confirm this? Our IT Security have blocked all Adobe apps until we have written confirmation addressing the vulnerability. 

Could you please point me to where Adobe might update the status of all their apps? I've seen confirmation for Coldfusion and AEM so far.

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Community Professional ,
Dec 15, 2021 Dec 15, 2021

Copy link to clipboard

Copied

Acrobat Reader doesn't use Java!

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Dec 15, 2021 Dec 15, 2021

Copy link to clipboard

Copied

Thanks @Bernd Alheit how about DC? Are all the Acrobat products the same?

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Community Professional ,
Dec 15, 2021 Dec 15, 2021

Copy link to clipboard

Copied

Yes.

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Dec 15, 2021 Dec 15, 2021

Copy link to clipboard

Copied

Hi Bryski - As this investigation is ongoing, I would reach our to Adobe Customer Support directly for confirmation. Please see: https://helpx.adobe.com/security/alertus.html 

 

Adobe does have a security advisory posted for Log4J: https://helpx.adobe.com/security/products/log4j-2-advisory.html 

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Dec 17, 2021 Dec 17, 2021

Copy link to clipboard

Copied

LATEST

Latest advisory for CVE-2021-44228 is here: https://helpx.adobe.com/security/products/log4j.html

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines