A temporary patch has been released to address a zero-day vulnerability in Adobe Reader DC that could enable bad actors to steal victims hashed password values. The vulnerability, which has no official fix yet, allows a PDF document to automatically send a server message block (SMB) request to an attacker s server as soon as the document is opened. An Adobe spokesperson told Threatpost that the company plans to issue a security update this week that addresses the vulnerability. The company is approaching its monthly security updates, which take place tomorrow (Feb 11)
Source: https://threatpost.com/temporary-patch-released-for-adobe-reader-zero-day/141701/