Adobe fixes PDF zero-day security bug that hackers have exploited for months

Adobe has released an urgent update to its widely used document-reading applications, including Acrobat DC, Reader DC, and Acrobat 2024, to address a significant security flaw that has been actively exploited by hackers for several months. This vulnerability, identified as CVE-2026-34621, enables cybercriminals to remotely install malware on users' devices by deceiving them into opening a specially crafted PDF file on either Windows or macOS systems. The exploit specifically affects certain versions of Adobe Reader software, raising concerns about the extent of the damage it may have caused. Although the precise number of impacted users remains unclear, Adobe has acknowledged the severity of the situation, noting that this zero-day bug has been utilized by hackers to infiltrate systems before the company could implement a fix. While the identity of the perpetrators is still unknown, the widespread use of Adobe’s PDF solutions makes them a prime target for malicious actors, including both cyber criminals and state-sponsored hackers. These groups have historically exploited vulnerabilities in Adobe products to gain unauthorized access to sensitive information. The vulnerability was uncovered by security researcher Haifei Li, who detected it after a malicious PDF containing the exploit was submitted to his malware detection system, EXPMON. In a detailed blog post, Li revealed that another version of the dangerous PDF first surfaced on VirusTotal, a well-known malware scanning service, in late November 2025. Although the specific targets of this hacking campaign are yet to be identified, Li cautioned that executing the malicious PDF could grant hackers complete control over the victim's system, potentially allowing them to harvest a variety of personal data. Adobe has strongly urged users to promptly update their software to the latest versions to safeguard against this critical vulnerability.