February 11, 2019, By Lindsey O'Donnell
The zero-day flaw in Adobe Reader DC could allow bad actors to steal victims’ NTLM hashes.
A temporary patch has been released to address a zero-day vulnerability in Adobe Reader that could enable bad actors to steal victims’ hashed password values, known as “NTLM hashes.”
0patch on Monday released a micropatch for the flaw, found in Adobe Reader DC. The vulnerability, which has no official fix yet, allows a PDF document to automatically send a server message block (SMB) request to an attacker’s server as soon as the document is opened. SMB protocols enable an application or user of an application to access files on a remote server. Embedded in these SMB requests are NTLM hashes (NTLM is short for NT LAN Manager).