• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Adobe Reader Exploits

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses

View previous topic :: View next topic  
Author Message
graycat
SF Mod
SF Mod


Joined: 29 Apr 2005
Posts: 16777195
Location: London, UK

Offline

PostPosted: Wed Apr 29, 2009 11:43 am    Post subject: Adobe Reader Exploits Reply with quote

it seems we can't go another month without some kind person locating a new 0-day flaw in Adobe's PDF viewing / creating family of software.

How has this affected you in your place of work? Are you sticking with Adobe or moving to something else? Has anyone managed to persuade their company away from the almost standard software that is Adobe?

Personally we've got as far as granted a test program for other readers (FoxIt etc) but have met some extreme resistance for looking at writer / editor versions.
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
WhiteHat
Just Arrived
Just Arrived


Joined: 23 Nov 2005
Posts: 0
Location: Italy

Offline

PostPosted: Wed Apr 29, 2009 1:50 pm    Post subject: Re: Adobe Reader Exploits Reply with quote

graycat wrote:
Are you sticking with Adobe or moving to something else?

I'm not sure that other adobe-like applications are less prone to vulnerabilities. I think they are just undertargeted by debuggers and get less bugs reports because they're not so widely used.
graycat wrote:
Has anyone managed to persuade their company away from the almost standard software that is Adobe?

Picture yourself a scenario in which you could have a vulnerable application with a limited flaw research and a less commercial support than the Adobe can offer.
If you want to convince the BoD and the users to start a change management process, you need a solid proof that the new choice has a better cost/benefit value.
When I face a similar kind of job, I get the evaluation parameters directly from the regular users and from the mantainers, and then I stress all the applications involved in the comparison in order to obtain the best value for those parameters.
The result is a report that I submit to the BoD.
Btw, even if my experience is in the security product - not in office automation - field , I think the methodology is still applicable.

I hope this will help. Let me know.
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register