Zero-day Adobe PDF peril goes click free An unpatched flaw in Adobe Acrobat and Reader might be exploited without even needing to trick a surfer into opening a maliciously constructed file. Proof of concept demonstrations of this by security blogger Didier Stevens will increase pressure on Adobe to release a fix ahead of schedule. The exploit techniques demoed by …
I pretty much avoid installing any adobe software on my computers due to it mostly being bloated bug ridden borderline malware. Remember it was Adobe flaws that enabled the hackers to crack the fully patched Apple, LInux, Windows systems and win the contest awhile back. They dont say but I bet this security flaw doesn't affect the much faster, slimer alternative to Adobe Reader, FoxIt Reader (www.foxitsoftware.com). I highly recommend it.
I've been getting fed up with *every*damn*program's* insistence on installing some kind of ridiculous shell integration for years. I used to blame it on MS/Explorer but now I know MS is only partly at fault. This came to a head a few months ago when I needed to change the archive bit on a few thousand PDF files. Rather than going to the command line I stupidly tried to do it with Explorer. After selecting the PDF files I right clicked to access the context menu. And then I waited. And waited. Then I forgot what I was waiting for and clicked in some other window so I had to start over. This time I timed it and it took approximately 4 minutes before Explorer even displayed the context menu.
Why? Because various dumbasses have written numerous crappy Explorer extensions that install without your knowledge, and when you right click Explorer passes control to them so they can decide how to draw the context menu. When dumbasses write these things and forget that you may have thousands of files selected and/or those files may be tens or hundreds of megs in size, the delay becomes ridiculous.
Software developers, QUIT making installation of your crappy shell integration tools mandatory. Provide an option in setup as OpenOffice does so the user can decline.
I should think so. I don't know about other Linux desktops, but KDE's file-managers do their own PDF previewing with no help from Acrobat itself, so the trigger discussed in this article couldn't be pulled. And Mac OS has quite extensive PDF support built-in too, so I doubt it's susceptible either.
Of course, whatever the original vulnerability is (not just the additional Windows vulnerability that makes it more easy to trigger), that may exist on the other platforms -- but as usual, there'll probably be less that the miscreant can actually do to the system via the exploit on the non-Windows systems.
Presumably the risk is even greater, if Thumbnail View is all that is required, given XP's propensity to spontaneously alter Folder Views/Common Tasks. I don't recall if Vista does this specifically too, though I know the issue is not entirely fixed, if at all.
My experience of the issue is that if you add enough media files or change views in enough folders, Common Tasks change to reflect this even in unrelated folders, even perhaps in the majority of folders. So, if Thumbnail View is all that is required, Common Tasks needs to be turned off - i.e. Classic Folders selected (in Folder Options) - as simply warning against selecting Thumbnail View is not sufficient.
If it's any consolation, Microsoft have completely and utterly and incompatibly totally re-written the rule book for shell extensions for each new release of Windows since 2K, so the developers who write shell extensions have really suffered to bring you this pain.
No, I think "Adobe" refers to the construction material itself not what's built of it. So "Adobe house" is not a tautology.
So it's not the house, it's filthy crap that you can use to build a house which has been replaced with better materials by all but the most primitive.
Even more apt.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
