This article is for informational purposes. Always refer to Adobe’s official documentation for the latest security patches and version support lifecycles.
In 2021, threat actors exploited CVE-2020-9715 in phishing campaigns using malicious PDFs labeled “Invoice_2020.pdf.” If opened in Acrobat Pro DC build 20048 , the attacker could install ransomware without user interaction (except disabling Protected View). Protected View in this Build Build 2020.012.20048 includes Protected View (sandboxing) but it is not enabled by default for all files. Adobe’s default “Files from potentially unsafe locations” turned on sandbox. However, many users disabled it for convenience, exposing themselves. Adobe Acrobat Pro DC 2020.012.20048 -x86 x64-...
| Task | Build 2020.012.20048 (x64) | Acrobat Pro 2023 (Classic) | Acrobat DC Continuous (2024) | | :--- | :--- | :--- | :--- | | Launch time (cold) | 2.3 sec | 1.8 sec | 1.5 sec | | OCR 100-page scan | 32 sec | 28 sec | 22 sec (AI-enhanced) | | Export 50-page PDF to Word | 11 sec | 9 sec | 6 sec | | Memory usage (large PDF) | 1.1 GB | 1.4 GB | 980 MB (optimized) | | Redaction of 100 items | 4 sec | 3 sec | 1.5 sec | This article is for informational purposes
| CVE ID | Severity | Description | Fixed in Build | | :--- | :--- | :--- | :--- | | CVE-2020-9715 | Critical | Use-after-free leading to RCE (Remote Code Execution) | 2020.013.20074 | | CVE-2020-9728 | Important | Out-of-bounds write → memory corruption | 2020.013.20074 | | CVE-2021-21017 | Critical | Heap overflow via crafted PDF causing system takeover | 2021.001.20135 (not applicable) | | CVE-2021-28550 | Critical | Arbitrary code execution via JavaScript API | 2021.005.20048+ | Protected View in this Build Build 2020
If you encounter this version on your network, treat it as an urgent security finding. Patch it, upgrade it, or retire it. Do not let convenience or plugin dependencies chain you to an insecure past.
For IT administrators, forensic analysts, and power users still encountering this version on legacy systems, understanding its architecture (x86 vs. x64), feature set, known bugs, and end-of-life status is crucial.
Adobe releases Security Bulletins (APSB) monthly. For the Classic Track 2020, here are vulnerabilities present in build 20048 but fixed in later builds: