Adobe issued a security update to address a bypass for the CVE-2019-7089 zero-day patch issued on February 12. The bypass would lead to sensitive information disclosure in the context of the current user in vulnerable Adobe Acrobat and Reader for Windows and MacOS. The data leakage flaw allows maliciously crafted PDF documents to call home and send over the victim’s NTLM hash to remote attackers in the form of an SMB request. Adobe today issued a second update attempting to successfully address the software flaw.
Source: https://www.bleepingcomputer.com/news/security/adobe-patches-critical-information-disclosure-flaw-in-reader-again/