Recently, researchers have revealed a zero-day vulnerability discovered in the Adobe Reader reader that could be triggered by a specially crafted malicious PDF document. Researchers say the attacker made a malicious PDF document and sent the victim’s information to a remote server controlled by the hacker in the form of an SMB request. This vulnerability is very similar to the CVE-2018-4993 vulnerability discovered last year, where a remote attacker uses an SMB request to return a user’s NTLM hash.
The actual application scenario is mainly used to determine whether the user has read the PDF document. For example, spammers can use malicious PDF documents and send through spam email to exploit users.
Currently, researchers have tested Adobe Acrobat Reader DC 19.010.20069 for this vulnerability, and tests have shown that this version is affected. In theory, all versions prior to this release should also be affected by this vulnerability, specifically waiting for Adobe to release a security patch to fix. Another thing to be reminded is that Microsoft will release security patches by convention this evening, and Adobe will basically release security updates along with Microsoft.
Therefore, users who use the above software should pay attention to relevant security information tomorrow morning. If there is a new version or vulnerability patch, it should be installed as soon as possible.