Adobe patches exploited PDF zero-day security bug
Adobe has released a critical security patch for a zero-day vulnerability that cybercriminals have actively exploited for at least four months. The flaw, officially designated as CVE-2026-34621, affects popular applications including Acrobat DC, Reader DC, and Acrobat 2024. By tricking users into opening maliciously crafted PDF files on Windows or macOS systems, attackers can remotely install malware and gain full control over the victim's device to steal sensitive data.
The vulnerability was identified by security researcher Haifei Li, who operates the exploit-detection system EXPMON. Li discovered the issue after a malicious PDF file containing the exploit was uploaded to his malware scanner. Analysis revealed that an identical file had appeared on VirusTotal in late November 2025, marking the beginning of the campaign.
While Adobe confirmed that the bug is being exploited in the wild, the organization has not disclosed the specific number of affected users or the identity of the attackers. The ubiquity of Adobe's PDF software makes it a frequent target for both cybercriminals and government-backed hacking groups seeking to infiltrate systems.
Li's assessment indicates that successfully triggering the exploit grants hackers the ability to execute arbitrary code, leading to total system compromise. Despite the severity of the threat, Li noted that it was not possible to retrieve additional exploits from the attacker's servers to further analyze the specific targeting or motives behind the campaign.
In response to the active exploitation, Adobe has urged all users to immediately update their software to the latest versions to mitigate the risk. The company stated that the vulnerability exists in specific versions of its reading and editing tools across both major operating systems. As a zero-day, the flaw existed before Adobe became aware of it and was utilized by hackers to breach computers prior to the availability of a fix.
This incident underscores the ongoing challenges organizations and individuals face in securing widely used software against sophisticated remote code execution attacks. Adobe continues to monitor the situation as the community adapts to the patched software.
