topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 4:12 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: Acrobat bug can lead to malware installs without even opening an infected file  (Read 24860 times)

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Well, most people are probably using the same library for JBIG2 support, so no wonder it's widespread... code-execution exploits would have to be tailor-made to each platform/application, though...
- carpe noctem

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,884
    • View Profile
    • Donate to Member
I just wanted to make people aware that this is not a "Windows only" issue, nor is it an "Adobe Reader only" issue.

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
I just wanted to make people aware that this is not a "Windows only" issue, nor is it an "Adobe Reader only" issue.
Yeah, and good job for doing so :up:
- carpe noctem

tomos

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 11,959
    • View Profile
    • Donate to Member
There's reasons people are "anti" big companies, or quick to give them a hard time.

The big companies tend to stop focusing on the software and what their software is meant to do.
What do they focus on - you could write a book about that. I would throw in; egos, money, "power", stocks, and the fear of losing what they have which ironically seem to drive them to do even more things that turn people away from them.
So people start using Foxit, or free or smaller Anti-virus programmes, or Linux, (even!) and then (sometimes) the big companies cop on, like Symantec trying to slim down their anti-virus etc., Adobe speeding up start times for Acrobat Reader.

As for helping them, I'm slow to do that - there's been a bug in Acrobat reader all the way through version 8.* I didnt report it.
The bug was that the default (for graphics programmes) switching between pan and zoom in/out shortcuts didnt work properly - why should I report that, they MAKE Illustrator and Photoshop! - so they could not have missed this bug. And the message in the fact it's not fixed?
Have you ever tried to use their forums - I did early last year over a period of time and I've rarely ever had to wait so bleeding long for pages to load - what's the message there for me ?! Btw, I know one probably reports bugs elsewhere.

I still use Acrobat Reader (or whatever they call it these day). It is my favourite reader ;D but as you can see I'm not too happy about it ;)

*  the bug
using spacebar to pan, if you then click on Control key you can zoom - select an area with mouse and zoom in, or zoom in increments by clicking mouse - adding Alt key to the mix zooms out. It's the most efficient way to switch between panning around and moving in and out. Once you start using that comfortably (if you need to navigate that much) you'll never use another way out of choice.

the bug is:
Currently if you press spacebar and then Control key nothing happens

Tom

lanux128

  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 6,277
    • View Profile
    • Donate to Member
has anyone any news about the patch availability from Adobe? only recently the precursor of this bug was covered in DC, where it was mentioned that "patches aren't likely to be ready until March 11th, 2009".

Dangerous Adobe Reader Vulnerability In the Wild

J-Mac

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 2,918
    • View Profile
    • Donate to Member
There's reasons people are "anti" big companies, or quick to give them a hard time.

Yeah, like the fact that back about three or four versions ago they added ads into Reader? Or maybe the Yahoo Toolbar they added to their downloads about 5 years ago? I can almost understand why the smaller developers do things like this - they are often struggling and trying to help finance their business. (Not that I condone it - just almost understand it!)

What's Adobe's excuse?  Pigs.

Jim

tomos

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 11,959
    • View Profile
    • Donate to Member
has anyone any news about the patch availability from Adobe? only recently the precursor of this bug was covered in DC, where it was mentioned that "patches aren't likely to be ready until March 11th, 2009".

Dangerous Adobe Reader Vulnerability In the Wild

going off-topic briefly
Lanux, you said earlier in thread that you use portable version of reader
Could you recommend a source for that -
I realise they'll take a bit longer to incorporate the Adobe update, whenever that comes ...
Tom

lanux128

  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 6,277
    • View Profile
    • Donate to Member

Josh

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Points: 45
  • Posts: 3,411
    • View Profile
    • Donate to Member
AR 9.1 released. And it still launches almost instantly after a fresh reboot. Guess I am just not affected by all of the "bloat"