Adobe Reader and Acrobat - Black Tuesday continues

Published: 2009-10-13. Last Updated: 2009-10-13 23:07:35 UTC
by Daniel Wesemann (Version: 1)
6 comment(s)

It ain't just Microsoft ... while MS issued a deluge of patches today, Adobe pushes just one, but theirs addresses no less than 29!! gaping holes in one single update.  As we reported earlier, at least one of these 29 vulnerabilities is already being actively exploited. So if you are using Acrobat or Adobe Reader, no matter whether on Unix Windows or Mac, you definitely should take a close look at http://www.adobe.com/support/security/bulletins/apsb09-15.html and start rolling the update. If we were in the habit of rating Adobe patches like Microsoft's, this one would be a "Critical"

Keywords: Acrobat Adobe patching
6 comment(s)

Comments

Interesting; I go to download the `Adobe Reader MUI 9.2 Update - Multiple Languages` which says its file size is 22.01MB. Actual file size: 275MB. Must be the new math. Hopefully they fix it by the morning. -eddy

-eddy

Oct 14th 2009
1 decade ago

go to ftp.adobe.com/pub/... and you can get an MSI for 9.2 update

florian

Oct 14th 2009
1 decade ago

we are having trouble getting the install for 9.2 to work. after analyzing the install it seems to be installing 9.1.3, and it is failing because we are already at that version. anyone else seeing this? any solutions found?

KC

Oct 14th 2009
1 decade ago

I manually uninstalled Reader 9.1.3 and checked to see that the plugin in Firefox was removed. Rebooted, installed 9.2 and v9.1.0.163 showed up in Firefox again.

On this end, I'm stuck with the Reader package that includes the unwanted AIR/Adobe.com stuff PLUS versioning that suggests that the browser is still unprotected. Add to that the extra hoops that it takes to get IE or Firefox to work with the new version, and I think we can call this one "epic fail". Maybe this is why I didn't see a v9.x directory at ftp://ftp.adobe.com/pub/adobe/acrobatreader/win/

As it stands now, we won't be rolling this out in our company. I hate having the security hole, but a patch that kills functionality is not accepted in the production systems.

Joel

Oct 14th 2009
1 decade ago

Somewhere, and I will be blessed if I remember where, I got a URL which pulled only the Acrobat Reader portion, without any of the bloat-ware that usually comes with Acrobat Reader. (It may have even been for the 8.x versions...)
Since that time, I have had to take the whole ball of wax, AIR, Adobe.com, etc. etc. One of the things which I have used to strip out the extras and seems to work well is Revo Uninstaller at http://www.revouninstaller.com/ in advanced mode. Your mileage may vary.

BezantSoft

Oct 19th 2009
1 decade ago

BenzantSoft, here are some instructions which include a link to the Adobe tool for customizing the installer package. It took a little tinkering but was not a time sink. The option to eliminate the AIR/Adobe.com stuff worked just fine.

http://cadpanacea.com/node/144

Joel

Oct 21st 2009
1 decade ago

Login here to join the discussion.


Top of page
Diary Archives