Monday, February 23, 2009

Did we need another reason to look elsewhere for a PDF reader?

Adobe Reader has yet another exploit. They seem to have these found with monotonous regularity and with similar monotonous regularity, take way too long to address them properly.

This one affects all versions of Adobe Reader as well as Adobe Acrobat - in particular the JavaScript engine in these products. The recommended workaround (until Adobe can be arsed releasing an update, currently updates for Acrobat 9 and Reader 9 are scheduled for 11 March 2009, older versions will need to wait longer for this security update) is as follows:

In Adobe Reader or Adobe Acrobat, go to Edit\Preferences\JavaScript, then uncheck the "Enable Acrobat JavaScript" and then click "OK".

Please note that this is the next in what's becoming a long line of exploits against Adobe Acrobat/Reader's JavaScript engine.

A better option may be to look at something like Foxit Reader by Foxit Software. Sure, they have not been totally vulnerability free (who has?), but they seem to have a lot less and fix them a lot quicker (ie, take them more seriously) than Adobe does.

Regards,

The Outspoken Wookie

No comments: