The Adobe Reader DC Zero-day vulnerability could permit bad attackers to snatch NTLM hashes of victim. Thus, a temporary fix has been announced to state a zero-day flaw in Adobe Reader that could alter bad attackers to sneak hashed password values of victim, recognized as “NTLM hashes.”

Zeropatch on Monday announced a micro-fix for the vulnerability, detected in Adobe Reader DC. The flaw, which has no authorized patch so far, permits a PDF file to automatically transfer a Server Message Block appeal to a actor’s server as soon as the PDF file is run.  SMB protocols modify an application or application of user to run the PDF files on a distant server. Integrated in these Server Message Block appeals are NTLM hashes.

“This vulnerability… allows a remote attacker to steal user’s NTLM hash included in the SMB request,” said Mitja Kolsek with 0patch in a Monday post. “It also allows a document to ‘phone home’, i.e., to let the sender know that the user has viewed the document. Obviously, neither of these is desirable.”

Kolsek stated that the updated version of Adobe Reader DC-2019.010.20069 is absolutely affected, however “older versions are likely in the same boat too.”

Security analyst named Alex Inführ initially revealed the flaw and a Proof of Concept work in a  blog post published in January.

Leave a Reply

Your email address will not be published. Required fields are marked *