Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

Adobe. Again.

Patches? We Don’t Need No Steenkin’ Patches!

“Adobe announced today that they will issue an out-of-band patch around August 16 for a new vulnerability discovered in Reader and Acrobat, as reported by Computer World. The bug lies in the way Reader and Acrobat parse fonts. It can be exploited to corrupt memory with a crafted TrueType font and a successful attack can allow code execution (translation: bad guys can run their installers and put malware on your machine).

This is one of several out-of-band updates released so far this year by Adobe, befitting Reader’s status as the software targeted most by malware¹. The upcoming Reader 10 is going to have a sandbox technology that would help protect against attacks like this one. This update is for Windows, Unix, and Mac; see more at the posted Adobe bulletin.”

You might remember.. the subject of patches and “updates” has come up already this week..
Related:
* No, You Were Not Hallucinating…
* What’s With All These Updates?!*
* Poisoned PDFs? Here’s Your Antidote

Frankly folks, I will not have Adobe Anything on my machines.. I use an ‘offbeat’ PDF viewer.
Today’s free download: The latest version of Foxit PDF reader has a Safe Reading setting–enabled by default under a new Trust Manager section in the preferences–that blocks embedded programs from running.

Might work if my name was Smith Department:

Thank You

From: “Mr Henry Makaba” <xxc09@me.com>
To:
undisclosed-recipients

I am an Account Manager, A client of mine died in 2005 in a horrible boat mishap and he has a lodgment fund to claims US$16.7M. And no other person knows about this account. I am contacting you because both of you have thesame last name. If you are interested forward to me your full names, cell, Phone/fax, profession, age and country so I can contact you for further clarifications. Thank You, Mr.Henry Makaba

¹ emphasis mine.

Copyright 2007-2010 © “Tech Paul” (Paul Eckstrom). All Rights Reserved. jaanix post to jaanix.


>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<


Share this post :

August 6, 2010 - Posted by | computers, security

4 Comments »

  1. Paul,
    As long as program codes are written by humans, one can’t get rid of these stinkin’ patches..
    And the person is ready to share million bucks just because you’ve the same name as his client (as written by the spammer), just LOL @him.

    Like

    Comment by Ranjan | August 6, 2010 | Reply

    • Ranjan,
      I agree with you, but I still say that the reactive approach – while it may be “the best we can do” (and is certainly better than doing nothing) is treating the symptom, and not the disease.

      … and I am a fan of Humphrey Bogart movies. I was playing with a (rather famous) line from The Treasure of the Sierra Madre.

      Like

      Comment by techpaul | August 6, 2010 | Reply

  2. I agree. I’ve switched to Foxit and it does the job well. Just wish it did not have a problem with Firefox but I’ll live with it.

    Like

    Comment by John | August 6, 2010 | Reply

    • John,
      There are others you might try…
      PDF XChange PDF Viewer, for one..

      Like

      Comment by techpaul | August 6, 2010 | Reply


Post your Comment/Question

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: