Slashdot Mirror

← Back to Stories (view on slashdot.org)

Adobe Chided For Insecure Acrobat Reader

Posted by kdawson on from the old-skool-distribution dept.

The Register covers security firm Secunia calling out Adobe for its insecure distribution practices with regard to Adobe Reader. (Here is Secunia's note.) The accusation is that the way Adobe provides Reader extends the software's window of vulnerability once an exploit has begun to circulate. Version 9.1 of Reader, which is what you get when you visit the official download site, contains 10 vulnerabilities that were patched by later releases. "Adobe Systems has been taken to task for offering outdated software on its downloads page that contains dozens of security vulnerabilities, several of which are already being exploited in the wild... Visitors who obtain Adobe Reader from the company's official downloads page will find that it installs version 9.1 of the program on their computers, even though the most recent version was 9.1.2 at time of writing. That could put users at considerable peril given the number of vulnerabilities fixed in the two iterations that have come since 9.1, complains Secunia..."

2 of 179 comments (clear)

  1. Who the heck still uses Acrobat Reader? by blind+biker · · Score: 1, Redundant

    I thought by now everyone got the point that Acrobat Reader is a bloated crashware and have switched to Foxit or other alternatives. I'm not saying Foxit is more secure (I don't really know), but I thought that the abomination that emanates from Acrobat Reader has shrank their marketshare so much that any security issues it may have, would be irrelevant.

    --
    "The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
  2. Foxit... by EddyPearson · · Score: 0, Redundant

    FoxIT Reader.
    http://www.foxitsoftware.com/pdf/reader/

    --
    You feel sleepy. Close your eyes. The opinions stated above are yours. You cannot imagine why you ever felt otherwise.