Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Out-of-band Security Updates for Adobe Reader and Acrobat

Aug 5, 2010 7:10AM PDT
Prenotification: Out-of-band Security Updates for Adobe Reader and Acrobat

From: The Adobe Product Security Incident Response Team (PSIRT) Blog:

A Security Advisory has been posted in regards to upcoming Adobe Reader and Acrobat updates scheduled for the week of August 16, 2010. The updates will address critical security issues in the products, including CVE-2010-2862 which was discussed at the Black Hat USA 2010 security conference on Wednesday, July 28, 2010. These security updates will be made available for Windows, Macintosh and UNIX.

At this time Adobe is not aware of exploits in the wild for any of the issues addressed in this Security Advisory.

Note that these updates represent an out-of-band release. Adobe will release the next quarterly security update for Adobe Reader and Acrobat on October 12, 2010.

We will continue to provide updates on the upcoming release via the Security Advisory section of the Adobe website as well as the Adobe PSIRT blog.

As Posted Here: http://blogs.adobe.com/psirt/2010/08/pre-notification-out-of-band-security-updates-for-adobe-reader-and-acrobat.html

Discussion is locked

- Collapse -
No more Adobe for me
Aug 13, 2010 6:59PM PDT

I used Adobe as my PDF reader for years, but just got fed up with it's terrible security holes that keep cropping up. It's probably the weakest security vector on many computers.

I would recommend changing to the free and reletively small FOXIT, which does everything that Adobe does.

Adobe/Acrobate is a huge bloated security riddled program which need to be re-written from the ground up.

Some companies refuse to use it because of the security issues, and if I remember correctly Steve Jobs said you couldn't use it on some of his products due to the poor security - although I suspect there is more to it than just that.

- Collapse -
Remember Though... Foxit Needs Updates As Well
Aug 14, 2010 6:23AM PDT

No program is completely secure forever.. AS just an example, Foxit released it's most recent security update, and newest version of the program, on August 6, 2010. Here's a link to their security bulletins page.:

http://www.foxitsoftware.com/pdf/reader/security_bulletins.php

I'm not saying Foxit is a bad choice.. It's a perfectly good program but make sure you're seeing ALL the options.

Hope this helps.

Grif

- Collapse -
Foxit is Comparatively more secure
Aug 17, 2010 5:51PM PDT

You are right, Grif. I didn't mean to suggest Foxit was 100% secure, as you said, no program is, and patches will need to be applied with varying frequency.

Comparatively, Foxit has fewer security holes than Adobe, which is one of the most insecure programs that is widely used.

Foxit also has the advantage of being far less bloated than the awful Adobe/Acrobat family.

- Collapse -
Adobe Reader Out-of-band on August 19, 2010
Aug 17, 2010 5:34AM PDT

Today, Adobe have updated the Security Advisory for Adobe Reader and Acrobat with Vulnerability identifier APSB10-17

Release date: August 5, 2010
Last updated: August 17, 2010


Adobe is planning to release updates for Adobe Reader 9.3.3 for Windows, Macintosh and UNIX, Adobe Acrobat 9.3.3 for Windows and Macintosh, and Adobe Reader 8.2.3 and Acrobat 8.2.3 for Windows and Macintosh to resolve critical security issues, including CVE-2010-2862 discussed at the Black Hat USA 2010 security conference and the Adobe Flash Player update as noted in Security Bulletin APSB10-16. Adobe expects to make these updates available on Thursday August 19, 2010.

Note that these updates represent an out-of-cycle release. Adobe is currently scheduled to release the next quarterly security updates for Adobe Reader and Acrobat on October 12, 2010.

http://www.adobe.com/support/security/bulletins/apsb10-17.html

The blog has been edited also:

A Security Advisory has been posted in regards to upcoming Adobe Reader and Acrobat updates scheduled for Thursday, August 19, 2010.

http://blogs.adobe.com/psirt/2010/08/pre-notification-out-of-band-security-updates-for-adobe-reader-and-acrobat.html

- Collapse -
Security Updates Released for Adobe Reader and Acrobat
Aug 19, 2010 4:35AM PDT
From the Adobe Product Security Incident Response Team (PSIRT) Blog:

August 19, 2010

Today, a Security Bulletin has been posted regarding security releases for Adobe Reader and Acrobat. The updates address critical security issues in the products, including CVE-2010-2862 discussed at the recent Black Hat USA 2010 security conference and vulnerabilities addressed in the August 10 Adobe Flash Player update as noted in Security Bulletin APSB10-16. Adobe recommends that users apply the updates for their product installations.

Note that today?s updates represent an out-of-cycle release. The next quarterly security updates for Adobe Reader and Acrobat is scheduled for October 12, 2010.

http://blogs.adobe.com/psirt/2010/08/security-updates-released-for-adobe-reader-and-acrobat.html

The Security Bulletin: http://www.adobe.com/support/security/bulletins/apsb10-17.html