Adobe Plugs 8 Security Holes in Reader
This post was updated at 12:20 p.m. to clarify what's new in this Adobe patch. See the update below the original post.
Adobe has issued an update to plug at least eight security holes in its PDF Reader software. The latest patch brings the current, patched, version of Adobe to 8.1.2.
If you're reading this post on a system that has Adobe Reader installed, please take a moment now to download and apply this update. Cyber crooks have recently added Adobe vulnerabilities to "Neosploit," a tool that automates the exploitation of outdated browser plug-ins when users visit certain malicious or hacked Web sites.
As Symantec notes, you don't have to be doing anything risky to get burned by running an outdated copy of Adobe Reader these days. Symantec writes: "If a user is enticed to a hostile Web site (who knows which ones are hostile these days) using the browser of their choice, it is reasonably likely that their computer will become infected provided that they have Acrobat installed on their computer."
If you're looking for a slimmed-down, free alternative to Adobe Reader that consumes far fewer system resources (and may be quite a bit more secure), I would wholeheartedly recommend Foxit Reader.
Update:
A clarification is in order here. I saw the date on this advisory (May 6), and assumed we had a new update for Adobe Reader. Turns out, that is only partly true. The vulnerabilities addressed in this update were fixed by Adobe back in February, so if you applied that patch, there is no reason to take any action here.
However, the company did not release details about those flaws at the time. This advisory changes that. More importantly, this advisory clarifies that Adobe has finally issued updates to fix these vulnerabilities for people still running version 7 of Adobe Reader. If you are running Adobe Reader 7, fixes for these eight security holes are now available.
By
Brian Krebs
|
May 9, 2008; 11:40 AM ET
Categories:
New Patches
Save & Share:
Previous: Mozilla Distributes Virus-Infected Language Pack
Next: Online Sellers: Beware of Fake Check Scams
Posted by: DeafRandy | May 9, 2008 11:52 AM | Report abuse
Is this an update, or just a security advisory? Reader 8.1.2 has been out since early February...
Posted by: Nathan | May 9, 2008 12:22 PM | Report abuse
Adobe had promised to release a version of the 7 series and estimated that this would be available in April.
It's really late given that the 8 series was patched in February, but at least they really did deliver.
The patched version is Adobe Reader 7.1.0 (previous version was 7.0.9)
Posted by: Andrew from Vancouver | May 9, 2008 1:14 PM | Report abuse
If somebody can tell me how to get Foxit to integrate with Firefox so I can view pdfs within Firefox, I'd be very grateful. So far all I've managed to do is make Firefox launch Foxit automatically if it opens a pdf, but only in a separate window. I'd like it to open in the same tab.
Posted by: Stern | May 9, 2008 2:16 PM | Report abuse
While the Adobe Reader is the same version, I believe that the patch for Adobe Acrobat was not previously released. Therefore, if you are using Adobe Acrobat, go download the patch to get you from 7.0.9 to 7.1.0 since those who have Adobe Acrobat Standard or Pro are also vulnerable.
Adobe Acrobat 7.1.0 for Acrobat 7 (Standard/Professional/3D) on Windows:
http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows.
Adobe Acrobat 7.1.0 for Acrobat 7 (Standard/Professional) on Macintosh:
http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh.
Posted by: reswob | May 9, 2008 3:22 PM | Report abuse
For clarification (if there is such a thing anymore), see:
Security Updates available for Adobe Reader and Acrobat 7 and 8
- http://www.adobe.com/support/security/bulletins/apsb08-13.html
May 6, 2008 - "...Adobe recommends Acrobat 8 users ...update to Acrobat 8.1.2...
....Users with Adobe Reader 7.0 through 7.0.9, who cannot upgrade to Reader 8.1.2, should upgrade to Reader 7.1.0..." (i.e.: W2k users)
.
Posted by: J. Warren | May 9, 2008 10:43 PM | Report abuse
hello everybody! canada in louis replica sold vuitton xap
Posted by: joseph | May 23, 2008 9:17 PM | Report abuse
interesting site man replica a lange watches 15564
Posted by: bred | May 25, 2008 1:40 AM | Report abuse
cool post dude diet ephedrine pill lhdwgm
Posted by: liza | May 26, 2008 7:00 PM | Report abuse
good site dude 35 mg phendimetrazine 3475
Posted by: kris | May 26, 2008 9:48 PM | Report abuse
hay diet pill called adipex >:((
Posted by: arni | May 26, 2008 9:52 PM | Report abuse
great work man thx nakedwomen 3483
Posted by: lola | May 27, 2008 7:33 PM | Report abuse
hay preteen lolita sex >:-OO
Posted by: adult | May 27, 2008 7:36 PM | Report abuse
great work man thx teengirls 7573
Posted by: jenna | May 27, 2008 9:51 PM | Report abuse
please look at this bigtits >:(((
Posted by: jenna | May 27, 2008 9:58 PM | Report abuse
The comments to this entry are closed.
FoxIt reader is the best; But stay with 2.2, not 2.3 version. People on their forums report problems with the 2.3, where 2.1 and 2.2 work just fine. While it doesn't have the features that the bloated Adobe product does, it works far better.