It's not only Adobe Reader that needs patching against maliciously constructed PDF files. Targeted attacks against an unpatched flaw in Adobe Reader over recent weeks has stimulated interest in alternative PDF viewers, such as FoxIT. However FoxIT is also vulnerable to the same type of threat, promoting the release of a security …
Eating in the dark
Back in the day, sailors used to eat in the dark so they wouldn't see the maggots that had infested the foodstores. That kind of reminds me of Foxit. A few days ago it was safe:
Now it isn't:
But it's more fun to hate Adobe, right?
Even if Foxit is not 100% safe
It's also not a slow bloated pig. I've just installed the 3.0 update for Foxit... where is the Adobe update?
Yes first Foxit is safe because they use their own JBIG2 code to process images.
Quote "Foxit uses our own JBIG2 decoder and it handles those malicious JBIG2 stream gracefully (empty image will be displayed instead of crashing)." More fool me for believing them.
And then Foxit go and fix the non existent vulnerability. So did Foxit programmers code the exact same flaw into their own JBIG2 code. Or did they just reverse Adobes and "borrow" Adobe code?
"But it's more fun to hate Adobe, right?"
No not at all, just more righteous ;-)
> But it's more fun to hate Adobe, right?
Well yes, but also it's more 'fun' to open a PDF quickly in a reader that doesn't default to loading 467 other add-ons and plug-ins before it will show the file, and [even after you've turned everything off] has a software footprint that makes Internet Explorer look lean and trim by comparison.
Adobe lost the plot somewhere around Reader 6, and Foxit and the other alternatives now fill the need for a quicker, smaller viewer.
Software bloat, thy name is Adobe Reader. However recent releases of Foxit seem to be getting a bit over-multi-functional and sluggish as well ....
Classic FD! I wonder why no one has called "Grace" on that?
Did they not bother to check?
Hey, El Reg, why not ask them for a comment on their "rigorous" testing procedures.
Paris, because she likes he buffers probed.
"......but because the security bugs in Adobe's software are the focus of targeted hacking attacks over the last three weeks or so."
But surely if FoxIT has the same vulnerability it doesn't make any odds to the severity of the weakness which product the attack is targetted at?
If you shoot someone, I'm sure that the fact that you were actually trying to shoot someone else doesn't make your victim feel any better about being unexpectedly dead......
How about formatting for
my computer screen? Or better still a small part of it!* Then I wouldnt have to bloat my computer with Pointless Document Format and have to print all that trash** that comes in a PDF document that I cant read on screen - only to find its mostly useless anyway.
*nothing more fun than having to print out the 'how do do the paperless office' instructions cos you can use them alongside the IDE cos they are formatted for paper.
** contents and indexes that are almost never linked to the document, and talk about pages that bear no relation to the real page number
PDF - a bit like the red flag of office software to slow your computer down but a different colour to be 'innovative'.
its not just me then
i am glad I am not the only one that thinks adobe reader is a bloated pile of shite. I actively avoid bloody pdf files when at all possible.
And for Preview?
Does Preview on the Mac suffer from same difficulties with PDF files?
In the past, but if it could happen once...
But at least FoxIt has the balls to fess up to it, instead of trying to deny deny deny and sweep it under the rug like some other companies do.
@AC 10 Mar 20:48gmt
re: And For Preview?
Not that I know of; I only use Preview because I can't seem to find any other alternative PDF readers for MacOS for some odd reason.
Still, I'm kind of stuck with the Dried Mud Software Corp's Acrobat Pro on my machine as I work in graphic design, send out proofs and finals as "press-ready" PDF, and only Acrobatshit can display them properly for a final look before I send them out. Otherwise, I avoid Acrobatshit like... like...
...well, like Paris.
(yeah, yeah, I know, alright... finish beer>coat>door>subway)
- Twitter: La la la, we have not heard of any NUDE JLaw, Upton SELFIES
- China: You, Microsoft. Office-Windows 'compatibility'. You have 20 days to explain
- Apple to devs: NO slurping users' HEALTH for sale to Dark Powers
- Is that a 64-bit ARM Warrior in your pocket? No, it's MIPS64
- Apple 'fesses up: Rejected from the App Store, dev? THIS is why