- Joined
- Mar 17, 2006
- Messages
- 2,866
- Points
- 113
information technology security is the main focus of my job and i just wanted to warn you guys about several critical vulnerabilities in adobe acrobat reader.
if you are using adobe reader < 9.1.3 it is likely possible to get malware on your machine by simply viewing a webpage. if u have an old version of adobe consider upgrading, or using another PDF viewing program like cool pdf reader or foxit reader.
not only is adobe bloated (hundreds of MB in size), but it has a history of poor security. at one point several patched release in a row all had security vulns of their own. Adobe Product Security Incident Response Team (PSIRT) LOL
Adobe flash also has some serious vulns that an estimated 80% of the net are vulnerable too:
Nearly 80% Of Users Vulnerable To Adobe Flash Attack - DarkReading
more articles:
Adobe Launches Its Own 'Patch Tuesday' - DarkReading
(Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier versions) are vulnerable to remote exploit by simply viewing a webpage.
recommendations:
don't use adobe, a PDF reader shouldn't need its own Product Incident Response Team and be hundreds of MB in size....
Adobe Product Security Incident Response Team (PSIRT) LOL
if u use adobe (reader of flash) make sure its the latest ver.
consider alternative PDF viewing program
another article to top it off:
Adobe Criticized for Shipping Insecure Reader Version - Installer available from the official download website is two versions behind - Softpedia
if you are using adobe reader < 9.1.3 it is likely possible to get malware on your machine by simply viewing a webpage. if u have an old version of adobe consider upgrading, or using another PDF viewing program like cool pdf reader or foxit reader.
not only is adobe bloated (hundreds of MB in size), but it has a history of poor security. at one point several patched release in a row all had security vulns of their own. Adobe Product Security Incident Response Team (PSIRT) LOL
Adobe flash also has some serious vulns that an estimated 80% of the net are vulnerable too:
Nearly 80% Of Users Vulnerable To Adobe Flash Attack - DarkReading
more articles:
Adobe Launches Its Own 'Patch Tuesday' - DarkReading
(Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier versions) are vulnerable to remote exploit by simply viewing a webpage.
recommendations:
don't use adobe, a PDF reader shouldn't need its own Product Incident Response Team and be hundreds of MB in size....
Adobe Product Security Incident Response Team (PSIRT) LOL
if u use adobe (reader of flash) make sure its the latest ver.
consider alternative PDF viewing program
another article to top it off:
Adobe Criticized for Shipping Insecure Reader Version - Installer available from the official download website is two versions behind - Softpedia