Adobe security team
Adobe *has* a security team.
Under criticism for applications that are hard to patch, Adobe Systems next week will unveil a mechanism that automatically downloads and installs security updates for its widely used PDF programs. The software maker announced the updater for its Reader and Acrobat apps in October and used it with beta testers for patches issued …
Adobe *has* a security team.
...that this is just going to add another layer of bloat?
It has auto-update detection in it already. We've also had the Adobe Download Manager forced upon us.
Why can't they just make the application patch itself?
Digsby and Firefox do it quite nicely. When it opens, it checks for an update, downloads the patches, then applies them (quickly) when the user next loads the app. Nice. Not too intrusive.
I for one will not be installing any patch management shit - and I hope there's an option to turn it off for schools etc where the computers run in perpetual non-privileged mode.
Can't they just use Windows Update/WSUS, a bit like Windows/Exchange/Office/etc does? Buddy up with MS or something?
Like MS is eager to have friends. May I respectfully suggest you to check your herbs, please?
Wait a minute. I thought the great new updater was going to be something like WSUS, only for Adobe products. Instead, it looks like Windows Update, meaning there's no way for administrators to schedule, push and report on success/failure of updates to Adobe products. And will the Adobe Updater require admin rights to install the updates? And what about Flash, the Swiss cheese of software? Not included???
Let's all sing along now... M-I-C (see you exploits real soon) K-E-Y (why, because we're Adobe), M-O-U-S-E.
This is adobe, whose previous updater contained security bugs of its own? First thing I do whenever I do have to update acroread on windows is bring up regedit and delete everything adobe set up to run, usually the quickstarter and the updater -because I don't trust them. On Linux and OS/X I dont have acroread, so less to worry about.
Oh joy, more bloat for Acrobat Reader. Don't worry, there will soon be another updater for the download manager they try to force you to install and then an updater for the bundled toolbars they try to sneak in and finally an updater for those other updaters . I really don't know why people continue to use these products when there are much smaller, faster and more secure alternatives our there.
Namely that it doesn't work through a proxy as part of a corporate firewall.
Asks for user name/password etc but obviously can't pass them correctly because it keeps asking for them
So I guess it is safe to say Adobe turning over their code base to the hajis and their $1 a day labor rate may have been cheaper but good god am I glad I don't have to support that code.
Yep - we had a different problem - it could connect out, but something was going wrong beyond that point, and so what did it do? Keep re-downloading a massive chunk of stuff continuously through our connection on every PC it was enabled on.
The last time I tried to use the updater at home, it gave me a generic "failed to update" message, and adobe reader had been mysteriously uninstalled from my PC. I took the opportunity to install an open source reader instead.
why anyone has Reader on their machine, when there are numerous alternatives, amlost every one of which is reputed to be better than Adobe's ridculous insecure bloatware. I finally got utterly fed up with the bloat - it was taking absolutely ridiculous amounts of time to open even small and simple PDF documents - and uninstalled it, installing a different PDF reader instead, quite a long time back. Since then everything has worked like a dream, which has been a really enjoyable change from the nightmare that was Adobe's Reader. As for the Adobe Reader updates rubbish - it was just unbelievable; completely unusable for anyone not very experienced in getting terrible software to work despite all its ill-thought out quirks. I don't imagine the new updater will be any better.
So, how does this patching go for users with no administrative rights?
Time and time again, the best practice in the enterprise world is to not give users local privileges on their machines. With a WSUS server, you can patch Windows systems in the enterprise regardless of user rights. I doubt this will be the case with Adobe.
This change will be of great help to home users, but will it really help the corporate world?