Filed under: Security, Adobe, Microsoft
Keeping your OS patched isn't enough
The prevailing wisdom is that if you keep your operating system up to date with the latest security patches, and you run antivirus software, you're probably safe from malware. Unfortunately, that's just not true.
Consider yesterday's news that Trend Micro has discovered a new zero-day exploit in Adobe Reader. Who doesn't have Adobe Reader on their machine? If you have it, how careful are you about keeping it up to date? To be fair, the likelihood that you are going to try to open an infected PDF file is probably fairly small, but on the other hand, Adobe Reader is only one of probably hundreds of applications on your machine. As Mozilla recently discovered, thousands of Firefox users have potentially vulnerable older versions of Flash running on their machines.
So what's a responsible computer user to do? It's a difficult problem. Some software vendors are very responsible about pushing out updates to their software when needed. Others leave it in the user's hands. There are tools that will scan your machine and let you know when updates are available, but I'm not a big fan of these; I think users should know just what is changing on their system.
The best you can do is to be vigilant and consider your software at the same level you do the operating system when ensuring your machine is up to date. Obviously web-facing software or software that interacts with downloaded files are the biggest concern, and anything that is ubiquitous or incredibly popular, like Microsoft Office or your favorite browser.
What do you do to make sure your machine is as secure as you can make it?
[via InSecurity Complex]
Sushi Cat is one of the cutest Flash games I've ever run across. You play a blue cat with a major talent for eating and, fortunately for you, every level is filled with delicious sushi! The controls are simple: you aim and drop from the top of the screen using the mouse, trying to hit as much sushi as you can on the way down. Eat enough sushi, and you can go on to the next level.
Your score depends on how much sushi you eat, and which bucket the cat lands in when it finally reaches the bottom of the screen. The more ...
Reader Comments (Page 1 of 2)
Bebe said 12:33PM on 10-11-2009
I have not heard from Adobe reader in a loooong time.
Please use Foxit reader. Is much smaller and it does the job.
Reply
asianxredneck said 2:34PM on 10-11-2009
agreed!
r3loaded said 3:45PM on 10-11-2009
+1. Millions of reasons to go Foxit.
LordDaMan said 11:07AM on 10-12-2009
++
This isn't the first huge flaw n adobe reader. in fcat evert month or so it has some other serious flaw in it. Foxit is the way to go
Crossbar said 1:01PM on 10-11-2009
Secunia has a cool program that will scan your PC and make sure your programs are up to date.
http://secunia.com/vulnerability_scanning/personal/
Reply
blogward said 1:10PM on 10-11-2009
Ummm... I haven't installed or used Adobe Reader in over a year. Haven't missed it either. Adobe produces some of the worst bloatware there is.
Reply
Albert said 1:22PM on 10-11-2009
well use Ubuntu. i've been using it for years and i don't even need an antivirus software once. Millions of viruses,spywares are just NOT working on it.and if you configure your firewall for net-based attacks you will be just fine.
Still wondering why trust an OS that will have service packs lined up in a year.
Reply
der_tuxman said 1:43PM on 10-11-2009
"Who doesn't have Adobe Reader on their machine?" - I don't. It sucks.
Recently switched from Foxit Reader to PDF-Xchange. Great free tool. :-)
Reply
kittencommander said 4:32PM on 10-11-2009
I agree. Foxit is rapidly becoming bloated -- PDF-Xchange is the true alternative to PDF reader bloatware! (Has many more features than Foxit also).
der_tuxman said 4:34PM on 10-11-2009
Indeed. AFAIK it is the only (?) free PDF viewer with manipulation features.
last_man1 said 2:36PM on 10-11-2009
Why anybody who actually has the ability to "update their own computer" is still using Adobe Reader is beyond me...PDF -X is the best alternative PDF reader going now it's a must have upgrade from Adobe Reader...but as usual if its popularity becomes mainstream it will be a target of hackers as well.
Corporate workers are usually locked into Adobe Reader by their system administrators who have to "test" all updates for compatibility to apps on their networks...which is why somethings just don't get patched in a timely way.
A really good set of sites to bookmark if you don't have it already done is : www.filehippo.com and also www.snapfiles.com (where you can find and download PDF - X reader and put that Adobe Reader where it really belongs in the "Recycle Bin" for good....
You have to have Adobe Flash but you choose to have Adobe Reader....and I choose to remove it from every machine I administer. Waiting for "Silverlight" to take off and get popular enough that we can chuck "Adobe Flash" as well....now granted they have (Adobe) been a great deal more concerned with getting folks to keep their Adobe Flash versions current by sending Update Messages to users which is sort of strange the first time I actually saw the update arrive.
I had to verify it first as should always be the case. But that's what they should be doing. Funny thing though is some people will "still blow it off", and risk getting exploited...due to their behavior not Adobe's.
Reply
Doron Ben Chaim said 2:38PM on 10-11-2009
This is a FUD article if I've ever seen one, DS instead of just reporting that Adobe is still a pos company, maybe you should recommend some alternatives such as, Foxit or PDF-Xchange. Then keeping our OS patched is really all we need to do.
Reply
Chewy&Go said 3:29PM on 10-11-2009
That's what the comments are for. I think the above commenters covered the (very well advised) alternatives quite well.
Reply
kojo87 said 5:44PM on 10-11-2009
honestly i didn't even read the article. just the comments. Adobe Reader is off my machine and PDF-Xchange is installing as we speak.
i used to love Download Squad but im starting to read every article with a great amount of skepticism
Ji said 6:16PM on 10-11-2009
I love Sumatra PDF, and there is something about Foxit that I just don't like.
Reply
Michael Paul said 8:41PM on 10-11-2009
I'm a Sumatra PDF fan also. Been using is for most of the year. Works great for me. http://blog.kowalczyk.info/software/sumatrapdf/index.html
Reply
Mikey said 10:04PM on 10-11-2009
Ubuntu's package management systems maintains all system files (core system and applications alike). This really simplifies things. The application company submits there application to the repository, who then pushes it to users along with core system patches.
Reply
NyaR said 1:07AM on 10-12-2009
Adobe reader is banned from my system.
Reply
rokubungi said 2:44AM on 10-12-2009
been using foxit for about a year and a half now I've noticed a lot of unwanted features creeping in (stop nagging me foxit!!!) it might be about time to try out pdf xchange or sumatra
now if only there were a good third party alternative for flash...
Reply
Marty K. said 3:24AM on 10-12-2009
"What do you do to make sure your machine is as secure as you can make it?"
I run Linux. ;)
Reply