Adobe has patched a trio of severe vulnerabilities in the Adobe Acrobat PDF reader that could allow an attacking application to gain root access on macOS — and do it silently.
Utilizing these newly revealed security exploits, a malicious program could elevate privileges to superuser, or root, on macOS. A user or program with root permissions can do just about anything on a Mac device without a user's knowledge.
The flaws were discovered by security researcher Yuebin Sun of Tencent Security. As Sun pointed out in a blog post, the only requirement for exploiting the flaw is that a user has Adobe Acrobat installed.
Adobe has issued a security fix for the three vulnerabilities. The company — and AppleInsider — recommends that users update their Acrobat software as soon as possible.
Users can find more information about the flaw and Adobe's response in this security bulletin.