Adobe Admits Users Are Vulnerable After Downloading Reader. From CIO Magazine.
Adobe leaves vulnerable versions of Reader (For example version 9.1) for download on its web site, and the user can only update (to, say 9.1.2) by patching. But the automatic patching mechanism, for many users, does not run at first execution and may not update Adobe Reader for days or weeks, leaving those users unknowingly vulnerable. Meanwhile, “Hackers continue to hammer Reader. According to New York-based CA today, there are “a vast number of malicious PDF files in circulation on the Internet,” many of them pitching multiple exploits at Windows users”.
Adobe is reevaluating its practices for updating Reader.
Related posts:
Pingback: Adobe Admits Users Vulnerable After New Install | Adobe Tutorials