John Paczkowski

Recent Posts by John Paczkowski

Here's a Patch for You, Adobe: \Acrobat\Uninstall.exe

adobe-acrobat-reader-256x256There’s a critical vulnerability in Adobe’s Reader and Acrobat PDF software and at least one zero-day exploit for them in the wild already. Yet Adobe (ADBE) won’t have a fix in place until March 11, and then only for Adobe Reader 9 and Acrobat 9. Patches for earlier versions of the software will arrive sometime after that.

Two and half weeks or longer to wait for a critical patch.

In the meantime, exploits for the flaw will no doubt grow in number and cunning–a nightmare since the PDF format and Adobe’s related apps are so widely used. “Right now we believe these files are only being used in a smaller set of targeted attacks,” security group Shadowserver said in an advisory on the matter. “However, these types of attacks are frequently the most damaging and it is only a matter of time before this exploit ends up in every exploit pack on the Internet.”

Shadowserver recommends disabling Javascript in Acrobat and Reader to limit exposure to such attacks. There are, of course, other solutions as well–Foxit for Windows users, Preview for Mac users, and Xpdf for Linux users.

Twitter’s Tanking

December 30, 2013 at 6:49 am PT

2013 Was a Good Year for Chromebooks

December 29, 2013 at 2:12 pm PT

BlackBerry Pulls Latest Twitter for BB10 Update

December 29, 2013 at 5:58 am PT

Apple CEO Tim Cook Made $4.25 Million This Year

December 28, 2013 at 12:05 pm PT

Latest Video

View all videos »

Search »

When AllThingsD began, we told readers we were aiming to present a fusion of new-media timeliness and energy with old-media standards for quality and ethics. And we hope you agree that we’ve done that.

— Kara Swisher and Walt Mossberg, in their farewell D post