A critical vulnerability in Adobe Reader has been exploited in limited attacks, Adobe says. The vulnerability (CVE-2021-21017) is a critical-severity heap-based buffer overflow flaw. Adobe also issued patches for critical vulnerabilities in Magento, its e-commerce platform. All these flaws, if exploited, could lead to arbitrary code execution, according to Adobe. The latest update is a priority level 1, which means it resolves vulnerabilities being targeted, or which have a higher risk
Source: https://threatpost.com/critical-adobe-windows-flaw/163789/