Adobe Information for VU#672268

Microsoft Windows NTLM automatically authenticates via SMB when following a file:// URL

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

It has been reported to us that CVE-2017-3085 is a form of Redirect to SMB affecting Flash Player. Adobe's security advisory recommends upgrading Flash Player to at least 26.0.0.151, which has addressed the issue.

Vendor References

https://helpx.adobe.com/security/products/flash-player/apsb17-23.html

Addendum

If you have feedback, comments, or additional information about this vulnerability, please send us email.