Adobe Confirms 'Leaky PDF' Flaw

CommanderFrank

CommanderFrank

Cat Can't Scratch It
Joined
May 9, 2000
Messages
75,399
One day in the far future, there may be a news story released that simply says ‘Adobe is Safe and Secure’, but it isn’t going to be this week. :D Once again Adobe is informing its users that there is a flaw in Reader and Acrobat which is being exploited. The good news is Adobe is on it quickly and will be issuing a patch on May 14th.

McAfee said, although the security flaw was not deemed to be serious, it could be used as a reconnaissance tool in a targeted attack.
Click to expand...
 
Don't worry, this guy is on the case:

4145-crazy_server_room.jpg


...looks like a simple fix, eh?
 
i prefer foxit reader. (and editor)

open office makes pdf's, so ive never used acrobat.
 
I tossed Adobe Reader into the trash bin like ~6 years ago due to all the exploits it has. Simply not having it installed makes my system more secure. Same thing with Java, not having it installed makes a system 10x more secure and doesn't limit your ability to surf the web any, since nothing really uses Java anyways, and with Reader you can just use a different PDF viewer.
 
PornoSatan said:
I tossed Adobe Reader into the trash bin like ~6 years ago due to all the exploits it has. Simply not having it installed makes my system more secure. Same thing with Java, not having it installed makes a system 10x more secure and doesn't limit your ability to surf the web any, since nothing really uses Java anyways, and with Reader you can just use a different PDF viewer.
Click to expand...

I would like to share your views but, I have to use Java to support servers...no way around it. I could not get my job done without reader either.
 
adobe reader is built into firefox, wonder if that is compromised as well
 
Don't worry, Adobe is on the case and a new flaw will be in place by Tuesday.

I mean fix! Wheew, Freudian slip there.
 
Galvin said:
adobe reader is built into firefox, wonder if that is compromised as well
Click to expand...

No it's not. They use javascript interpret and recreate the pdf. This is why it may advise you on complex pdfs that it may not display correctly. Chrome also uses it's own PDF reader in a different sandbox than what Adobe uses.
 
zero2dash said:
:rolleyes:
PEBKAC FUD, nice.

Adobe Reader has security and sandboxing now (for at least the past 2 versions) whereas it didn't before. And Foxit has become a bloated pig that now has it's own share of vulnerabilities.
Click to expand...

Yeah I used to be a big Foxit advocate but it's turning into a bloated piece of shit now. Still, I won't be using anything by Adobe (except Flash) that interfaces with the web. Still waiting patiently for Flash to get replaced too, in the meantime NoScript conquers shit.
 
zero2dash said:
:rolleyes:
PEBKAC FUD, nice.

Adobe Reader has security and sandboxing now (for at least the past 2 versions) whereas it didn't before. And Foxit has become a bloated pig that now has it's own share of vulnerabilities.
Click to expand...

Wait, and this is a link to another website? Then for once, this is not Adobe's fault, but the fault of browser makers for allowing websites to do stuff to the computer. A browser is also a VIEWER app and should not be writing anything to the computer nor have any code paths that allow it. Other than settings/cache within the user data folder, that's it.
 
You must log in or register to reply here.
Back
Top