A
Alias
Borne said:
By George, you're right! That said, so ****ing what?
Alias
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
By George, you're right! That said, so ****ing what?
Alias
A
Alias
Mike said:And as Adobe will not fix the problem immediately, now would be a good
time to dump Adobe Reader for Foxit, yes?
With that logic, now would be a good time to dump Windows for Ubuntu, yes?
Alias
M
Mike Hall - MVP
Alias said:With that logic, now would be a good time to dump Windows for Ubuntu, yes?
Alias
That would be a complete over reaction
T
TomV
Mike said:And as Adobe will not fix the problem immediately, now would be a good
time to dump Adobe Reader for Foxit, yes?
I don't have a preference as to which application a user chooses to use.
That's not the issue. If there's a security vulnerability in an
application (or an OS), people need to be informed. Your comment about
the flaw requiring "conditions...beyond reasonable use..." to be
exploited was dismissive (and inaccurate). Some users may prefer to
wait for a patch from Adobe rather than change applications, but at
least they can do so knowing the potential risk.
I don't always agree with Alias, but I do in this case that your logic
is flawed. Do you recall the WMF exploit? Microsoft sat on its hands
for quite some time on that one to the point that non-MS vendors issued
patches to protect users while MS got its act together. Using your
logic, everyone should have switched to another OS.
At least Adobe acknowledged the problem and took some action.
http://blogs.adobe.com/psirt/
M
Mike Hall - MVP
TomV said:I don't have a preference as to which application a user chooses to use.
That's not the issue. If there's a security vulnerability in an
application (or an OS), people need to be informed. Your comment about
the flaw requiring "conditions...beyond reasonable use..." to be exploited
was dismissive (and inaccurate). Some users may prefer to wait for a
patch from Adobe rather than change applications, but at least they can do
so knowing the potential risk.
I don't always agree with Alias, but I do in this case that your logic is
flawed. Do you recall the WMF exploit? Microsoft sat on its hands for
quite some time on that one to the point that non-MS vendors issued
patches to protect users while MS got its act together. Using your logic,
everyone should have switched to another OS.
At least Adobe acknowledged the problem and took some action.
http://blogs.adobe.com/psirt/
They didn't sit on their hands. They put out a work around almost
immediately, and others created patches which would stop the exploit.
Microsoft released an official patch for it five days before the date that
they had set..
A
Alias
Mike said:That would be a complete over reaction
How so, Micro$lut takes a lot longer to patch than Adobe, sometimes
years or never.
Alias
T
TomV
Mike said:They didn't sit on their hands. They put out a work around almost
immediately, and others created patches which would stop the exploit.
Microsoft released an official patch for it five days before the date
that they had set..
Clearly we have a difference of opinion. So be it.
M
Mike Torello
Mike Hall - MVP said:And as Adobe will not fix the problem immediately, now would be a good time
to dump Adobe Reader for Foxit, yes?
I had installed another alternative - a new one on the scene
(SumatraPDF) - when that problem was first announced and then
completely forgot that it was even on my system until this discussion
popped up.
Of the alternatives, Foxit is probably the best (I've uninstalled
Sumatra after comparing the two).
When Adobe gets the reader fix in, I go back to using it as the
default (I have Acrobat 8.1 Standard on the system as well).
M
Mike Torello
TomV said:Clearly we have a difference of opinion. So be it.
It would appear that you have different facts as well.
T
TomV
Mike said:And as Adobe will not fix the problem immediately, now would be a good
time to dump Adobe Reader for Foxit, yes?
If you're using Foxit, you may want to update that as well.
Foxit Reader V3.0 Build 1506 released March 9, 2009
Vulnerabilities Fixed:
* Fixed the issue of stack-based buffer overflow.
* Fixed the issue of security authorization bypass.
* Fixed the issue of JBIG2 Symbol Dictionary Processing
http://www.foxitsoftware.com/pdf/reader/security.htm
http://www.foxitsoftware.com/downloads/
Ask a Question
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.