Skip to Content

Submit your nominations for the Luxist Awards' Best in Decor
AOL Tech

adobe-reader posts

Filed under: Security, Adobe

Adobe's security woes continue as new exploits found in Reader, Flash

2009 has been a rough one so far for Adobe when it comes to security. Reader has become an increasingly popular target for malware authors, and Flash has been plagued with vulnerabilities.

Trend Micro reaserchers have hit on new flaws in Adobe Reader 9.1.2, and Flash Player 9 /10. According to Trend, "Once a user opens a specially crafted PDF file, two binary executables are dropped and executed on his/her system." Adobe's blog post states "There are reports that this vulnerability is being actively exploited in the wild via limited, targeted attacks against Adobe Reader v9 on Windows" though other platforms are also vulnerable. A workaround is offered, though you may want to use an alternative PDF viewing application like Sumatra, xPDF, or Foxit Reader. You can also use a web-based service like Zoho Viewer or PDFMeNot.

Even after announcing they would switch to a Microsoft-style "Patch Tuesday" schedule to redouble their security efforts, the exploits keep on surfacing. It's a major problem for us all, since both Flash and Reader are so widely used. We know Adobe said they're re-committing themselves to security, so let's hope they follow through.

Filed under: Security, Office, Adobe

Adobe steps up, responds quickly to latest exploit

Recently, a critical Javascript vulnerability was discovered in Adobe Reader which affected several versions on all platforms. It was the second major exploit this year targeting the application.

Adobe has responded quickly, putting together updates for Windows, Mac, and Linux in less than two weeks. While an immediate "Patch Tuesday" fix a la Microsoft would have been even better, it's good to see Adobe prioritizing security.

That's an important and necessary step. Unwary PDF users will continue to be an attractive target for hackers and Adobe must be increasingly vigilant.

If you took F-Secure's advice and temporarily switched to another PDF reader temporarily, the newly-patched Reader is ready for download if you are. I've not been a fan of Reader in the past - due to its footprint and sluggish startup times - but version 9 is a major improvement over older versions.

More details about the exploit and download links for all platforms are available from the Adobe security bulletin.

Filed under: Security, Office, Adobe

Yet another security flaw surfaces in Adobe Reader

It hasn't been the best couple of weeks for Adobe Reader.

First there was the advice from F-Secure's Mikko Hypponen to stop using Reader and switch to an alternative. Now there's word of a new security flaw that is known to affect versions 8.14 and 9.1 for Linux and could also affect other versions of the program on other operating systems.

The exploit takes advantage of the javascript getAnnots() function in Reader and could, as with its predecessor, allow an attacker to remotely execute arbitrary code.

Even the U.S. Department of Homeland Security is on the case. They advise temporarily disabling javascript as an intermediate fix:
"To disable JavaScript in Adobe Reader, open the General Preferences dialog box. From the Edit-Preferences-JavaScript menu, un-check Enable Acrobat JavaScript."
Adobe has acknowledged the problem in a blog post, though it states nothing more than "we know about it, and we'll have an update once we get more information." Security is serious business. Let's hope Adobe jumps to the pump this time and promptly issues a patch.

[via CNet]

Filed under: Security, Office, Adobe

Antivirus maker F-Secure slams Adobe on security, says "quit using Reader"

In case you weren't in attendance at this year's RSA conference in San Francisco, F-Secure's Mikko Hypponen has a pro tip for you: stop using Adobe Reader.

Hypponen doesn't place all the blame on Adobe. Part of the reason for suggesting the switch is the nearly twenty-fold increase in drive-by downloads that target Reader specifically. It's now become the most popular target for this type of attack, a dubious distinction previously held by Microsoft Word.

No, Adobe can't control the number of malicious documents that are created. They can, however, do a much better job of responding to the security holes that tempt evildoers into creating exploits that target their application in the first place.

On this front, Hypponen is clearly critical of Adobe, stating "[they have] a lot to learn from, of all places, Microsoft," when it comes to security. He believes updates just aren't as much of a priority for Adobe, who took their time in issuing a patch for the exploit that came to light in Frebuary and have been slow in responding to vulnerabilities in the past.

By now, many of you have probably made the switch to a non-Adobe web-based or desktop PDF viewer. If you haven't yet, Hypponen suggests visiting pdfreaders.org and downloading an alternative.

[via CNet]

Filed under: Internet, Utilities, Macintosh, Productivity, Adobe, Commercial, Freeware, Browser Tips, Imaging Tips

PDF Browser Plugin for Mac browsers

PDF Browser PluginThe Mac's built-in PDF support is pretty strong, which is nice because if there's one piece of software I have always despised for its unnecessary bloat, it would be Adobe Reader. To be honest, I've always liked the fact that when I come across a PDF online, clicking to open it results in it being downloaded and opened in the built-in Preview application. Opening PDFs in the browser was always slow and clunky using Adobe Reader, and always annoyed me.

But recently a friend convinced me to try Schubert|it PDF Browser Plugin, and I'm glad I did. PDF Browser Plugin does exactly what you'd expect, allowing you to view PDF files in the comfort of your favorite browser (provided your favorite browser is either Firefox or Safari). But what I found surprising was how fast PDF Browser Plugin is. If you happen to be viewing a small PDF, it will open almost instantly, with the only delay being how long it takes to download the actual PDF file. This speed is possible because PDF Browser Plugin is leveraging the Quartz technology built into the Mac that allows it to render PDF files in the same way the Finder or Preview does.

The plugin's other claim to fame is a distinct respect for the Mac's look-and-feel. Schubert|it PDF Browser Plugin is free for personal or educational use, but requires a $69 site license for business users.

Filed under: Internet, Utilities, Windows, Office, Adobe, Freeware, Windows x64

Perfect PDF is a solid Adobe Reader alternative


Though Adobe Reader has come a long way in the past couple versions, there are other good options available for displaying PDF files. For Windows users, Perfect PDF Reader may be an enticing alternative.

Apart from the obvious addition of a ribbon interface, Perfect PDF adds a number of useful features. There are three views to choose from - standard, reading view, and a full-screen reading. Perfect PDF also makes it easy to extract images and text from files. Either type of element can be selected, copied, and pasted elsewhere, and you can also save the entire file as text export it to a variety of image formats. As with FoxIt PDF, Perfect PDF can also edit form fields and save your input in the document.

There are areas of the interface that look unfinished, or at least a little plain - like the save as images dialog. While it doesn't hinder any functionality, it doesn't fit in with the more up-to-date look of the ribbon.

Perfect PDF Reader is a free download and runs on both 32- and 64-bit Windows platforms. The Visual C++ 2008 runtimes are required, and can be downloaded during installation if you need them.

Filed under: Security, Office, Adobe

Adobe Acrobat bug more dangerous than originally thought

The Adobe Acrobat vulnerability that was reported here back on February 20th remains unpatched, and it now appears that the risk the bug presents is even greater than originally thought.

Because of the way Adobe integrates into Windows explorer - to provide metadata information about PDF files - there is a chance that your system could become infected without ever opening a single file. Since the bug's code can be placed within a file's metadata, any action that calls that data could set things in motion. That includes something as simple as hovering your mouse over the file icon, according to Obsessable's Stephen Schenck.

In the original post, I suggested using an alternative application to read files, but that won't fully address the vulnerability. To be completely safe, you'll have to remove Adobe Reader (and presumably, Acrobat as well) from your system for the time being and reinstall it once Adobe has developed a patch.

[ via Obsessable ]

Filed under: Internet, Security, Adobe

Adobe warns of critical vulnerability in Reader, Acrobat

Bad news for anyone that utilizes Adobe's Acrobat software, or Adobe reader to view PDF files. A critical vulnerability has been identified that can cause the applications to crash and allow an attacker to control the affected system. All versions from 7 forward on all operating systems are suspected to be at risk.

According to the announcement from Adobe, this isn't just a possibility, it's actually happening. Reports have already been made of the buffer overflow exploit being used in this type of attack. Adobe is also working with antivirus vendors to patch the holes, and patches to update the vulnerable apps are in the works. The bad news: patches aren't likely to be ready until March 11th, 2009.

That's not nearly fast enough considering the severity of the flaw. In the meantime, you'd be wise to install an alternative applications to handle viewing PDF files. Sumatra and FoxIt are both good alternatives for Windows.

The announcement doesn't specify whether the flaw is platform specific, so Mac users may want to play it safe and stick to using Preview. *nix is also at risk, though most users are likely already utilizing alternatives.

The
full bulletin is available on Adobe's web site.

Filed under: Internet, Office, Web services, web 2.0

PDFMeNot Offers Flash-based Online Viewing


When people think about the most irritating apps on their computer, Adobe Reader usually shows up on the list. Our readers tend to think the alternatives (like Foxit) are the way to go, and I couldn't agree more.

That's why I decided to give PDFMeNot's web app a try. I'm a Foxit user, but I really don't use PDF files that often. If PDFMeNot works well, that's one more app I can leave off my flash drive. Also, I enjoy the irony of thinking that I'm getting away from Adobe, when really I'm just choosing Flash over Reader.

Damn it. You win again, Adobe.

I did a quick Google search and located an unclassified Air Force finance report, and dropped in the URL. It took a little bit (about three minutes or so, but it was a 728-page report) for the document to be displayed, but once it was up it worked nicely.

The developers are nice enough to offer a tools page, where you'll find a bookmarklet, Firefox extension, and even code to embed the viewer on your own page.

Since it only functions as a viewer and I can't print from it, I'll be sticking with Foxit portable. I will, however, keep PDFMeNot filed away for days when I forget my flash drive somewhere.

Filed under: Utilities, Windows, Adobe, Freeware

Adobe Reader 9 released, Adobe Reader Lite 9 unofficially released

Adobe Reader Lite 9
Adobe Reader 9 is out, and while the latest version of Adobe's popular PDF reader offers faster launch speeds and native support for Flash content, it still takes forever to run Adobe Reader on some computer systems. If you've ever come across an unexpected PDF link on the web, you know what we mean.

While there are plenty of alternative PDF readers (some of our favorites include Foxit and Sumatra), if you want an application that can handle pretty much any PDF file in existence, you're still best off running Adobe Reader, even if it has a ton of features you'll never need. Fortunately, there's a stripped down version of Adobe Reader called Adobe Reader Lite.

Adobe Reader Lite is maintained by a third party developer and isn't officially supported by Adobe. But version 9 was released last week, hot on the heels of Adobe Reader 9. AR Lite contains all of the basic functions you'd need from Adobe Reader, but none of the extra junk like autorun, desktop shortcuts, or some of the less frequently used plugins.

[via gHacks]

Filed under: Weekend Review

Download Squad Week in Review

logoThe time between Christmas and New Year's is what folks in the biz typically like to call a slow news period. But in the fast-paced world of technology (cue the Quantum Leap-them song styled synth pop), the news never stops. Here are some of the stories you might have missed if you were spending too much quality time with the family this week.

Flipping the Linux Switch: The GNOME Desktop Environment
So there's this operating system called Linux. You may have heard of it. It's kind of like Windows or OS X, but it's highly customizable, stable, and runs on all kinds of machines. Linux has come a long way since the days when you had to understand and love the command line in order to use it at all. But unlike Windows or OS X, Linux presents users with a choice of graphical user interfaces. Our resident Linux guru Kristin Shoemaker will help you decide which desktop environment is right for you. In part one, she looks at GNOME. Stay tuned for part two, an in-depth look at KDE coming soon.

The world ends on January 19, 2038: Thank Unix!
Remember how the world ended in Y2K? You know, power went out around the world, airplanes fell from the sky and all the nuclear warheads stored in government bunkers just up and exploded. Oh right, yeah, that never happened. But if you're looking for another potential disaster to worry about, look no further than 2038. That's when Linux machines will start to party like it's 1901. Of course, there's about 30 years to fix this problem, so you might not need to invest in a bomb shelter just yet.

Read more →

Filed under: Utilities, Windows, Freeware

PDF-XChange: Another light weight Adobe Reader alternative

PDF-XChange
We spend a lot of time reading PDF documents here at Download Squad HQ, so we're always on the lookout for full featured PDF viewers that don't take as long to load as Adobe Reader. We've looked at Foxit and Sumatra in the past, and we've been pretty happy. The other day when we wrote about another solution, Adobe Reader Lite, which strips some unnecessary plugins from Adobe Reader to improve performance for most users, Downlaod Squad reader Anand K Gupta turned us on to yet another excellent alternative.

PDF -XChange Viewer
loads PDFs faster than Adobe Reader, which may be the only feature that matters to many users. But this free application also includes tools for editing, highlighting, or adding notes to PDF documents.

The application also has a useful snapshot tool for copying selected portions of a document to your clipboard, and a feature for attaching open documents to email messages. Considering PDF-XChange Viewer is just the free version in a set of commercial PDF creation tools from Tracker Software, it's amazing how many features this little application has. It might not be quite as fast or lightweight as Foxit or Sumatra, but comparing PDF-XChange Viewer to those applications is kind of like comparing a Swiss Army Knife to a spork.

Filed under: Utilities, Adobe, Freeware

Adobe Reader Lite: Blazing fast version of Adobe Reader 8

Adobe Reader Lite
Adobe may have pioneered the PDF format, but it's been a long time since we've recommended anyone download the free but bulky Adobe Reader for viewing PDF files. Foxit Reader can open pretty much anything Adobe Reader can, but much much faster.

A few months ago we took another look at Adobe Reader, when we found Adobe Reader Speedup, which lets you remove some of the plugins that come with Adobe Reader that make its startup time so slow. But most users aren't going to want to install software just so they can uninstall components of other applications.

That's where Adobe Reader Lite comes in. The application is based on Adobe Reader 8, but several plugins and features have been removed, including:
  • Removed license agreement popups
  • Removed autorun and desktop shortcuts
  • Removed several plugins
It's not entirely clear which plugins were removed, but since most users probably use Adobe Reader just to open and read PDF files, odds are Adobe Reader Lite will do the trick. The application loads in no time at all and takes up significantly less storage space than the full version of Adobe Reader. On the other hand, Adobe Reader light still seems to eat up about 3 times the RAM and 7 times the disk space of Foxit Reader. But it might be worth keeping around in case you find a document that doesn't load properly in Foxit.

[via gHacks]

Featured Time Waster

Graveyard Shift - zombie-busting Time Waster

With Halloween fast approaching, it's a great time to get in some practice defending your territory against zombies. In Graveyard Shift, you take aim at zombies and other creepy-crawlies, blasting them into splatters of cartoony green guts. It's a casual first-person shooter, and it's very easy to get the hang of - use the mouse to aim, click to fire. Graveyard Shift has at least 15 levels, and it might even have some secret stages I haven't unlocked yet. They key to getting good at Graveyard Shift is learning to use ...

View more Time Wasters

Featured Galleries

Defective by Design, London: Protest Pictures
Microsoft Security Essentials
Chromium Pre-Alpha on CrunchBang Linux
Safari 4 Beta
10 Firefox themes that don't suck
IE8 RC1
Download Squad at the Crunchies After-Party
Download Squad at the Crunchies
WordPress 2.7
Cooking Mama: Mama Kills Animals
Windows 7 Hands On
Comodo Internet Security
Android First-look: Amazon.com MP3 Store
Android First-look: Twitroid
Google Reader Android
Android Hands-On
Twine 1.0
Photoshop Express Beta
Mozilla Birthday Cake
Palm stuff
Adobe Lightroom 1.1

 


Follow us on Twitter!

Flickr Pool

www.flickr.com

More Tech Coverage

AOL Radio