Update your PDF reader now to fix critical security flaw

May 16, 2020

By Kim Komando

Of all the computer brands out there, Macs get a lot of credit for their resilience and security. Although it’s not entirely true that they’re “immune to viruses,” Macs have experienced far fewer security holes and vulnerabilities compared to their Windows counterparts over the years.

Not only that, but Apple has also managed to ship Mac updates each year without too many major bugs or patches. Compare that to Windows, which seems to release a bungled security update every few weeks or so. Tap or click here to see how a previous Windows update caused Blue Screens of Death for users.

But now, a dangerous new flaw has been discovered in a Mac application that can give hackers root access to your computer. It’s found in Adobe Acrobat, which is one of the most common PDF readers on the planet. If you have this app installed on your system, here’s why you need to update it immediately.

Adobe Acrobat leaves a gap in your Mac

Adobe has just pushed an update to its Acrobat Reader that patch critical security holes in the Mac version of the software. The new update (version 20.009.20063) fixes an issue that causes the app to run certain processes using root access, rather than “sandboxing” them for security purposes.

According to Tencent’s Xuanwu Lab, this particular issue is serious enough that an enterprising hacker could piggyback off it and gain direct access to the innermost workings of your Mac. At the root level, new user accounts can be created, programs can be installed and files can be changed — all without users ever knowing.

Related: Adobe Photoshop too expensive? Tap or click here to try these free alternatives.

To fix the issue, all Acrobat users on Mac need to update their software immediately. To get it, tap or click here to visit Adobe’s website and click Download Acrobat Reader.

Note: When you download the update, you’ll have the option to also install McAfee Secure Scan Plus and Safe Connect as sponsored offers. This is optional, and you can uncheck the boxes above the Download Acrobat Reader button. This won’t affect your download in any way.

Going a step further

Even with the patch installed, the secure “sandbox mode” described above won’t be enabled by default. To set it up on your Mac, you’ll have to adjust a few settings in Acrobat.

Open Adobe Acrobat and go to the Edit menu. Select Preferences, and from the Categories menu, choose Security and click the checkbox that says Enable Protected Mode at Startup (Preview).

If this issue is so dangerous, why wouldn’t they enable the safe mode by default? Well, as bad as the flaw is (root access flaws are always considered critical), you have to have physical access to the hardware to pull off a successful hack.

Then again, hackers are constantly stepping up their game, so it’s better to be safe rather than sorry no matter what. We’d say it’s worth updating just so you’re on the latest version anyway.

That said, keeping current with your updates is one of the best ways to protect your system from harm. Otherwise, you might be behind the curve when the next big malware event strikes. Tap or click here to see if your Mac is at risk.

https://www.komando.com/news/security/pdf-update-fixes-critical-security-flaw/