Hot on HuffPost Tech:

See More Stories

Free Switched iPhone app - try it now!

AOL Tech

AOL
MAIL

Switched

Desktop:
Windows
OS X
Linux

Acrobat Reader X delivers on security promise

by Lee Mathews on February 3, 2011 at 11:00 AM

Over at the Naked Security blog, Sophos Labs' Paul Baccas posted his first encounter with PDF spam using Adobe Reader X -- which Adobe promised would feature an improved set of security features. Baccas was examining a new spam campaign which aims to trick users into opening a malicious PDF, first opening it in Reader 8 and then in Reader X.

When opened in the old version, the PDF attack mechanism springs into action and downloads malicious code from a remote server. Under Reader X, however, all he saw was the dialog above. "It appears that an update introduced in Adobe Reader X has broken a fundamental part of this threat. Well done Adobe!" says Baccas.

We're also in agreement with his recommendation that everyone who can -- network administrators included -- update their systems to Adobe Reader X as soon as possible.

Tags: adobe, adobe reader x, AdobeReaderX, apps, malicious, pdf, security, sophos

source: Sohpos

Comments

MxxConFeb 3rd 2011 12:37PM

Neutral

so is this actually an intentional security measure or readerX just changed something the way it works and it broke that exploit?

Dislike

Report

mer2329Feb 3rd 2011 1:01PM

Neutral

i dont care if its an exploit or not
i dont use adobe reader
i use less known "readers" like sumatra PDF to avoid this

Dislike

Report

Anthony S.Feb 3rd 2011 3:06PM

Neutral

@mer2329 I'm actually very pleased with Reader X. I wish they would stop using that damn download manager to get it, or offer and easy-to-find offline installer (they do, but you have to go on an expedition to find it), but it's performance is actually quite solid. I would say it's on par with Foxit Reader. I switched back because I was tired of Foxit's buggy Firefox plugin, and I haven't even thought of going back. I'm quite shocked at what Adobe pulled off!

Dislike

Report

MxxConFeb 4th 2011 12:11AM

Neutral

@Anthony S. offline installers are always listed on http://filehippo.com/download_adobe_reader/

Dislike

Report

mer2329Feb 4th 2011 3:01AM

Neutral

@Anthony S. if there was a compatible product to flash that wasnt flash i would use that.

i am not at all pleased with adobes slow responce to security holes with such a big product
if they responded faster than i may consider using reader again
plus this is new software and i want to see its security measures before i install
plus i like how fast sumutra opens (its very fast) last time i used reader there was a 10-30 second delay before opening

Dislike