Adobe issues another patch for the continuing vulnerability found in its Acrobat Reader – just a week after it brought out the original fix.
Although Adobe managed to resolve the initial vulnerability issue, a researcher claimed to find a way to bypass the fix pushing the company to bring out another patch within a week.
According to Adobe, the first scheduled patch left a hole in their product that could result in sensitive data leakage. Due to the unforeseen circumstance, Adobe introduced an unscheduled update that claims to bypass the first fix.
The zero-day vulnerability allowed the hackers to steal victims hacked password values, known as the “NTLM hashes” in technical term.
With the vulnerability, a PDF document was automatically sent to a server message block (SMB) request to an attacker’s server as soon as the document was opened. The SMB protocols enabled the application or user of the application to access files on a remote server. The SMB requests had NTML hashes embedded in it allowing the hackers to easily compromise personal data of Adobe users.
The vulnerability was patched last week but researcher Infuhr found a way to bypass the patch and immediately reported its discovery to Adobe.
The update was rewarded a ‘priority 2’ rating, meaning it resolves the issue that may have carried elevated risks. However, currently, there are no known exploits from vulnerability.
Infuhr, who discovered and reported the problem to Adobe, was also credited for his efforts.
Also Read: How Do Hackers Hack? (Infographics)
Although Adobe managed to resolve the initial vulnerability issue, a researcher claimed to find a way to bypass the fix pushing the company to bring out another patch within a week.
According to Adobe, the first scheduled patch left a hole in their product that could result in sensitive data leakage. Due to the unforeseen circumstance, Adobe introduced an unscheduled update that claims to bypass the first fix.
The zero-day vulnerability allowed the hackers to steal victims hacked password values, known as the “NTLM hashes” in technical term.
With the vulnerability, a PDF document was automatically sent to a server message block (SMB) request to an attacker’s server as soon as the document was opened. The SMB protocols enabled the application or user of the application to access files on a remote server. The SMB requests had NTML hashes embedded in it allowing the hackers to easily compromise personal data of Adobe users.
The vulnerability was patched last week but researcher Infuhr found a way to bypass the patch and immediately reported its discovery to Adobe.
Related: Are hacking groups advancing in their conspiracies?The versions of Adobe affected by the security flaw include the Adobe Acrobat and Reader for Windows and macOS, Acrobat DC and Acrobat Reader DC continuous, versions 2019.010.20091 and earlier, Acrobat 2017 and Acrobat Reader 2017 Classic, versions 2017.011.30120 and earlier, Acrobat DC and Acrobat Reader DC Classic 2015, versions 2015.006.30475 and earlier.
The update was rewarded a ‘priority 2’ rating, meaning it resolves the issue that may have carried elevated risks. However, currently, there are no known exploits from vulnerability.
Infuhr, who discovered and reported the problem to Adobe, was also credited for his efforts.
Read Next: A Major Security Bug In WinRAR Has Put Millions Of Users At Risk
Also Read: How Do Hackers Hack? (Infographics)
