Adobe security team
Adobe *has* a security team.
Who knew?
Under criticism for applications that are hard to patch, Adobe Systems next week will unveil a mechanism that automatically downloads and installs security updates for its widely used PDF programs. The software maker announced the updater for its Reader and Acrobat apps in October and used it with beta testers for patches …
It has auto-update detection in it already. We've also had the Adobe Download Manager forced upon us.
Why can't they just make the application patch itself?
Digsby and Firefox do it quite nicely. When it opens, it checks for an update, downloads the patches, then applies them (quickly) when the user next loads the app. Nice. Not too intrusive.
I for one will not be installing any patch management shit - and I hope there's an option to turn it off for schools etc where the computers run in perpetual non-privileged mode.
Can't they just use Windows Update/WSUS, a bit like Windows/Exchange/Office/etc does? Buddy up with MS or something?
Wait a minute. I thought the great new updater was going to be something like WSUS, only for Adobe products. Instead, it looks like Windows Update, meaning there's no way for administrators to schedule, push and report on success/failure of updates to Adobe products. And will the Adobe Updater require admin rights to install the updates? And what about Flash, the Swiss cheese of software? Not included???
Let's all sing along now... M-I-C (see you exploits real soon) K-E-Y (why, because we're Adobe), M-O-U-S-E.
This is adobe, whose previous updater contained security bugs of its own? First thing I do whenever I do have to update acroread on windows is bring up regedit and delete everything adobe set up to run, usually the quickstarter and the updater -because I don't trust them. On Linux and OS/X I dont have acroread, so less to worry about.
I don't trust adobe apps no more, I don't see why something whose main function is to display word documents exported into a "neutral" format needs to have javascript, execution services and rich multimedia. Sorry.
This post has been deleted by its author
Yep - we had a different problem - it could connect out, but something was going wrong beyond that point, and so what did it do? Keep re-downloading a massive chunk of stuff continuously through our connection on every PC it was enabled on.
The last time I tried to use the updater at home, it gave me a generic "failed to update" message, and adobe reader had been mysteriously uninstalled from my PC. I took the opportunity to install an open source reader instead.
why anyone has Reader on their machine, when there are numerous alternatives, amlost every one of which is reputed to be better than Adobe's ridculous insecure bloatware. I finally got utterly fed up with the bloat - it was taking absolutely ridiculous amounts of time to open even small and simple PDF documents - and uninstalled it, installing a different PDF reader instead, quite a long time back. Since then everything has worked like a dream, which has been a really enjoyable change from the nightmare that was Adobe's Reader. As for the Adobe Reader updates rubbish - it was just unbelievable; completely unusable for anyone not very experienced in getting terrible software to work despite all its ill-thought out quirks. I don't imagine the new updater will be any better.
So, how does this patching go for users with no administrative rights?
Time and time again, the best practice in the enterprise world is to not give users local privileges on their machines. With a WSUS server, you can patch Windows systems in the enterprise regardless of user rights. I doubt this will be the case with Adobe.
This change will be of great help to home users, but will it really help the corporate world?