Adobe 's scheduled October update for its Acrobat and Reader PDF software addresses Vulnerability-related.PatchVulnerability 85 vulnerabilities , including dozens of critical flaws that allow arbitrary code execution . The patches also address Vulnerability-related.PatchVulnerability multiple privilege-escalation and information-disclosure flaws , shoring up Adobe 's PDF software further following a patch for a critical Acrobat and Reader flaw plugged Vulnerability-related.PatchVulnerability two weeks ago . The bugs affect Vulnerability-related.DiscoverVulnerability Acrobat DC and Reader versions 2018.011.20063 and earlier from Adobe 's continuous track , Acrobat 2017 and Acrobat Reader 2017 2017.011.30102 , and Acrobat DC and Reader DC versions 2015.006.30452 and earlier from Adobe 's classic 2015 track . The flaws affect Vulnerability-related.DiscoverVulnerability the software running on Windows and macOS systems . This update Vulnerability-related.PatchVulnerability is the largest set of fixes Adobe 's PDF software since it swatted Vulnerability-related.PatchVulnerability 105 vulnerabilities in July . However , fortunately the company says it is not currently aware Vulnerability-related.DiscoverVulnerability of any exploits in the wild for bugs fixed Vulnerability-related.PatchVulnerability in this update Vulnerability-related.PatchVulnerability . Users and admins nonetheless should install fixed versions , according to Adobe , because if an attacker developed an exploit it could lead to arbitrary code execution in the context of the current user because the software is sandboxed . Since PDFs are still widely used in the enterprise , hackers continue to develop new techniques to break the sandbox by combining PDF attacks with operating system flaws . This happened earlier this year , prompting a warning Vulnerability-related.DiscoverVulnerability from Adobe in May after it was informed Vulnerability-related.DiscoverVulnerability by researchers at ESET and Microsoft that they 'd discovered Vulnerability-related.DiscoverVulnerability a malicious PDF using a zero-day remote code execution flaw in Reader with a sandbox-busting Windows privilege escalation flaw . Adobe credits researchers from Qihoo 360 , Cisco Talos , Beihang University , Palo Alto Networks , and Check Point for reporting Vulnerability-related.DiscoverVulnerability flaws patched Vulnerability-related.PatchVulnerability in the October update . Check Point researcher Omri Herscovici was responsible for reporting Vulnerability-related.DiscoverVulnerability 35 of this month 's bugs , all of which were information disclosure flaws .