Adobe’s patch for a remote code execution (RCE) bug in Acrobat doesn’t mention that the vulnerability is considered a zero-day nor that a proof-of-concept (PoC) exploit exists, a researcher warns. As part of Adobe’s Patch Tuesday, the creative software vendor fixed CVE-2024-41869 – a vulnerability originally reported in June by researcher Haifei Li, founder of zero-day and exploit-detection platform Expmon.

Source: The Register