back to article Adobe Reader purged of hole that was under attack

Adobe has patched 23 security vulnerabilities in its Reader document viewer, including one that criminals were exploiting to install malware on the PCs of unwitting victims. At least 18 of the other flaws also made it possible for attackers to remotely hijack users' PCs, Adobe said in an bulletin released on Tuesday. The patch …

COMMENTS

This topic is closed for new posts.
  1. AndrueC Silver badge
    Thumb Down

    Bah

    ..and it still drops an utterly useless and unwanted program icon on the desktop.

  2. Paul Coen
    FAIL

    But Acrobat Pro is vulnerable unless you go through update hell

    The updates for Acrobat Professional aren't cumulative. For a new install, have to install 9.0 and then go from 9.1 to 9.1.3 to 9.2 to 9.3 to 9.3.2 to 9.3.3 to 9.4 to get an up-to-date Acrobat Pro installation (I think that's the shortest path). Good luck in an enterprise environment.

    They've never refreshed the original installation media, not even the downloadable demo, and you can't get refreshed media from Adobe. If you try, they tell you things like "Acrobat Pro 10 will fix it". Why yes. Until 10.1 comes out. And then 10.1.3. And then 10.2. And you recreate the problem.

    Or, hey, here's an idea. Make the update installers cumulative. That would solve the problem. And far more complicated products (Microsoft Office, Windows) seem to be able to handle it just fine.

  3. Aremmes
    Paris Hilton

    I am disappoint

    "... purged of hole that was under attack"

    And here I thought that there was a Paris Hilton angle to this article.

  4. david 12 Silver badge

    This kluge puts users at risk.

    Some "anti-virus" software prevent you from downloading executables. If you want to download a binary file, you may have to "disable" your "anti-virus" software.

    It is possible to get around this, but all the alternatives do have their own limitations, so which method are you suggesting?

    Curious readers want to know...

  5. Anonymous Coward
    Go

    Here's The Fix

    1.) Uninstall Acrobat Reader

    2.) Install Evince:

    http://live.gnome.org/Evince/Downloads

    1. Anonymous Coward
      Anonymous Coward

      Lite?

      The Windows installer for Evince is 30MB - 4MB bigger than the 26MB installer for Adobe Reader 9.40.

  6. Big_Boomer Silver badge
    FAIL

    What? Again? Time to ditch this upgrade monster

    I've been a user of AdBloat Reader since version 2, but V9 seems to need updates almost as often as Windows. I'm off to find an opensource reader that doesn't have to be manually updated every other bloody week. It's not worth the effort for something that gets used once per month.

  7. Tom 38
    Stop

    I'm quite impressed really

    I firmly believe that most Adobe programmers must be getting paid under the table by RBN to provide this non stop wankfest of exploits from Acrobat, a program that displays computer representations of sheets of paper on your screen.

    +1 for Evince.

  8. TeeCee Gold badge
    FAIL

    Building analogies.

    "Building a sandbox into an application as complex as Reader has been compared by some to adding a basement to a 20-story building after it's already been erected."

    I can't help thinking that it would be better all round if the world just admitted that it was on a hiding to nothing, had the building demolished and got a more reputable contractor in to build a new one. Maybe one with doors on it that lock rather than just a load of holes in the walls that anyone can walk through......

    1. Chemist

      RE : Building analogies. →

      I think it's the WINDOWS that are as much to blame

This topic is closed for new posts.