Temporary Patch Released For Adobe Reader Zero-Day

Userlevel 7
Badge +48
February 11, 2019, By Lindsey O'Donnell

The zero-day flaw in Adobe Reader DC could allow bad actors to steal victims’ NTLM hashes.

A temporary patch has been released to address a zero-day vulnerability in Adobe Reader that could enable bad actors to steal victims’ hashed password values, known as “NTLM hashes.”

0patch on Monday released a micropatch for the flaw, found in Adobe Reader DC. The vulnerability, which has no official fix yet, allows a PDF document to automatically send a server message block (SMB) request to an attacker’s server as soon as the document is opened. SMB protocols enable an application or user of an application to access files on a remote server. Embedded in these SMB requests are NTLM hashes (NTLM is short for NT LAN Manager).

Full Article.

0 replies

Be the first to reply!


    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept or continue browsing you agree to our cookie policy. Learn more about our cookies.

    Accept cookies Cookie settings