Thread Rating:
  • 2 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Adobe Re-Patches Critical Acrobat Reader Flaw
#1
Quote:A week after Adobe fixed a critical zero-day vulnerability in its Acrobat Reader, the company issued another patch after a researcher dug up a way to bypass the original fix.

This previous vulnerability (CVE-2019-7089) was fixed in Adobe’s regularly scheduled security update last week. But Adobe said that its recent patch for the sensitive data leakage vulnerability, which could enable information disclosure, had a hole.

“Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS,” said Adobe in its unscheduled Thursday update. “These updates address a reported bypass to the fix for

CVE-2019-7089 first introduced in 2019.010.20091, 2017.011.30120 and 2015.006.30475 and released on February 12, 2019.”
The zero-day vulnerability in Adobe Reader, disclosed by Alex Infuhr from cure53 in a Jan. 26 post, enabled bad actors to steal victims’ hashed password values, known as “NTLM hashes.”

The vulnerability allowed a PDF document to automatically send a server message block (SMB) request to an attacker’s server as soon as the document is opened.  SMB protocols enable an application or user of an application to access files on a remote server. Embedded in these SMB requests are NTLM hashes (NTLM is short for NT LAN Manager).

SOURCE: https://threatpost.com/adobe-re-patches-...aw/142098/
[-] The following 3 users say Thank You to silversurfer for this post:
  • darktwilight, Deep900, harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
The slowest Meteor Lake spotted: Intel C...
Intel Core Ultra 5...harlan4096 — 12:47
Microsoft Edge fixes 0-day vulnerability...
Microsoft released...harlan4096 — 10:12
AnyDesk 8.0.9
AnyDesk 8.0.9:   ...harlan4096 — 10:10
AMD Confirms RDNA 3+ GPU Architecture F...
AMD Zen5-based Strix...harlan4096 — 10:08
Adobe Acrobat Reader DC 24.001.20629 (Op...
Adobe Acrobat Read...harlan4096 — 10:06

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>