Date: 2020-05-15

Adobe Acrobat, the alternative to Preview for opening and viewing PDF documents on the Mac, has just received a major security update. With the now-resolved vulnerabilities, an attacker with physical access to the computer could gain administrator-level access undetected.

The three security flaws were discovered by Yuebin Sun of Tencent Security Xuanwu Lab, who reported them directly to Adobe. With these flaws, an attacker with physical access to the computer could raise their privileges to root level, even with System Integrity Protection (SIP) enabled. Sun explains it on his blog:

Today Adobe Acrobat Reader DC for macOS patched three critical vulnerabilities (CVE-2020-9615, CVE-2020-9614, CVE-2020-9613) that I reported. The only requirement required to activate the vulnerabilities is that Adobe Acrobat Reader DC has been installed. A normal macOS user (with SIP enabled) can locally exploit this chain of vulnerabilities to elevate the privilege to ROOT without the user being aware of it.

Along with the fix for these vulnerabilities, in this new version Adobe has launched Protected Mode, a security-focused function that, surprisingly, is disabled by default. With this function, which we can activate in the app's preferences, Adobe aims to hide the architecture of the app and its operation for greater security.

During my training I see many people who install Acrobat on their computers believing that, as in Windows, it is necessary to view PDFs. Fortunately, the situation is very different because, on the Mac, we can use Preview, a PDF viewing and editing app created by Apple itself. Preview stands out for both its performance and its features (editing documents, marking them up, signing them, etc.). While we make sure to update Adobe Acrobat if it's still installed on the Mac, it may be a good time to try Preview.

