Adobe has released a critical security update to fix a vulnerability affecting its widely used document applications, including Acrobat DC, Reader DC and Acrobat 2024, after hackers were found to have actively exploited the flaw for at least four months. The vulnerability, tracked as CVE-2026-34621, allows attackers to remotely install malware on a user’s device by tricking them into opening a specially crafted PDF file on Windows or macOS systems.
Adobe disclosed that the flaw had already been exploited in real world attacks, classifying it as a zero day vulnerability, meaning it was used by hackers before a fix became available. While the number of affected users remains unknown, the widespread use of Adobe’s PDF software makes it a high value target for cybercriminals and state backed actors seeking to gain unauthorised access to sensitive data.
The vulnerability was discovered by security researcher Haifei Li, who identified the exploit through his monitoring system after a malicious PDF file was uploaded for analysis. According to his findings, another version of the malware laden document had surfaced earlier on VirusTotal, indicating that the exploit had been circulating since late 2025. Li warned that successfully opening such a file could give attackers full control of a victim’s system, exposing personal and corporate data to theft.
Adobe has urged users to immediately update their applications to the latest versions to mitigate the risk. The company noted that failure to patch affected systems could leave devices vulnerable to ongoing attacks, as the exploit requires minimal user interaction beyond opening a compromised document. Security experts also advise users to exercise caution when opening unsolicited PDF files, as attackers continue to exploit trusted file formats to bypass traditional security defences.