May 14, 2018
A new update is available that provides mitigation for the vulnerabilities described in this page.
The update will be applied automatically. To manually update from Acrobat or Acrobat Reader, choose Help > Check for updates, and then follow the steps in the Updater window to download and install the latest updates.
For more information about the update, see the respective release notes:
A problem in Microsoft’s NT LAN Manager (NTLM) authentication implementation affected Adobe Acrobat and Adobe Acrobat Reader allowing attackers to redirect a user to a malicious resource outside your organization to obtain the NTLM authentication messages.
Microsoft issued an optional security enhancement late last year that provides customers with the
ability to disable NTLM SSO authentication as a method for public resources. With this fix, Adobe Acrobat and Adobe Acrobat Reader are not affected by the vulnerability.
However, the mitigation is only available for Windows 10 and Windows Server 2016.
On platforms where Microsoft’s update is not applied or available: