Miscreants have reportedly discovered a zero-day vulnerability in latest version of Adobe Reader. Exploits based on the vulnerability, which circumvents sandbox protection technology incorporated into Adobe X and Adobe XI, are on sale in underground forums. Pricing starts at a hefty $30,000 but the exploit has already made its …
Those other PDF readers are WAY more insecure.
Get a grip....
How long have PDFs been around? And how are they STILL coming up with fucking holes in the readers??
Definitely time, no way PAST time, to bin this clearly unfit document format!
Re: Seriously though...
Third party readers that limit their ambitions to showing text & graphics have a rather smaller attack surface.
PostScript Rendering should be a solved problem.
But no. Adobe have to continually update their product with interactive "features" :(
Re: PostScript Rendering should be a solved problem.
How else can they keep people on the upgrade treadmill?
Re: Post recyling time.
In that case. You can have a recycled upvote.
Acrobat Reader Lite
Hello Adobe, could we have a "lite" version of the reader that doesn't have all the bloat that seems to be the security issue? If it hadn't grown like Topsy over the years possibly these problems would be fewer and far between.
Re: Acrobat Reader Lite
Excellent idea! Adobe can have Reader Light and Adobe Acrobat Reader BLOATED. Which would you prefer?
Two Useful Steps
Edit->Preferences->Trust Manager uncheck 'Allow opening of non-PDF file attachments with external applications'