Mitigation of NTLM dictionary attacks | Acrobat, Acrobat Reader


May 14, 2018

A new update is available that provides mitigation for the vulnerabilities described in this page.

The update will be applied automatically. To manually update from Acrobat or Acrobat Reader, choose Help > Check for updates, and then follow the steps in the Updater window to download and install the latest updates.

For more information about the update, see the respective release notes:


Problem in Microsoft's NTLM authentication implementation affected Acrobat and Acrobat Reader

A problem in Microsoft’s NT LAN Manager (NTLM) authentication implementation affected Adobe Acrobat and Adobe Acrobat Reader allowing attackers to redirect a user to a malicious resource outside your organization to obtain the NTLM authentication messages.

Impact on Acrobat and Acrobat Reader, and mitigation

Microsoft issued an optional security enhancement late last year that provides customers with the
ability to disable NTLM SSO authentication as a method for public resources. With this fix, Adobe Acrobat and Adobe Acrobat Reader are not affected by the vulnerability.

However, the mitigation is only available for Windows 10 and Windows Server 2016.

On platforms where Microsoft’s update is not applied or available:

  • The vulnerability can be mitigated in Acrobat and Reader and for PDFs opened inside Internet Explorer by enabling the Protected View. For more information on how to enable the Protected View, see Protected View feature for PDFs (Windows).


Get help faster and easier

New user?