Comments on: Experts Warn of Zero-Day Exploit for Adobe Reader

By: Rob Simpson

Rob Simpson — Tue, 04 Dec 2012 22:15:36 +0000

Yep you are very right. Software companies try to plug their leaky software with security features, that then stop their software from functioning in any useful way at all. Gotta love the old IIS lockdown tool, IEESC, Windows UAC and the like. The first thing IT departments have to do is turn all this nonsense off to get the software functional again.

By: JimboC

JimboC — Fri, 23 Nov 2012 14:49:33 +0000

I have found the original article from BleepingComputer that mentioned the above settings. It is actually a forum thread, the first post contains advice on securing Adobe Reader.

I hope this helps. Thank you.

http://www.bleepingcomputer.com/forums/topic362758.html

By: Chuck

Chuck — Tue, 13 Nov 2012 02:37:08 +0000

I have used TurboTax for many years, and in recent times I have used PDF-Xchange as my sole PDF reader. TurboTax’s PDF files work fine with this reader. I can’t see any reason why they wouldn’t work with just about any PDF reader, unless there is something extremely special about the PDF files that TurboTax creates.

By: Chuck

Chuck — Tue, 13 Nov 2012 02:32:36 +0000

I use PDF-Xchange, but it’s never clear to me whether (or which) Adobe vulnerabilities carry over to this reader, and the vendor’s website doesn’t provide much help in answering this question. Is there some reasonably transparent way to determine which vulnerabilities are specific to the Adobe Reader, and which ones carry over to other readers as well? Thanks.

By: Steve Lembark

Steve Lembark — Mon, 12 Nov 2012 03:39:18 +0000

Q: Anyone know if the exploit works if Adobe is in lxc (“containers”)?

By: Chris Novak

Chris Novak — Sat, 10 Nov 2012 15:55:17 +0000

>>Rabid Howler Monkey Thanks for the advice.
But switching from Internet Explorer or Mozilla Firefox (with their Adobe Reader plugins) to Google Chrome, which is faster (IMHO) and has its own self-contained plugins for Flash and Reader, should take care of known browser-online PDF issues.

And using OPEN WITH on any PDF file would allow selection of Google Chrome as the default PDF Viewer would provide a nice non-adware non-bloatware alternative to Foxit or Nitro. And of course, subsequent use of Right-click “Open With” would allow temporary selection of Adobe Reader if any document proves troublesome in Chrome’s built-in PDF viewer.

I’m all for “bullet-proofing” Adobe Reader for maximum compatibilty, but we all know it’s an Arms Race: One side develops thicker armor, and the other side builds a larger shell. Side-stepping the issue by fracturing the PDF viewer platform makes tactical sense (which is why Microsoft keeps recommending an alternate browser until unpatched major IE flaws are fixed.

Other comments or suggestions?

By: mechBgon

mechBgon — Sat, 10 Nov 2012 05:13:43 +0000

Fair enough, let’s look at your info there. There’s one mention of PDF exploits on the page, which is this one:

http://www.securelist.com/en/advisories/47133

Following the trail, we find Adobe’s security advisory:

http://www.adobe.com/support/security/bulletins/apsb11-30.html

Which says, “Adobe Reader X Protected Mode and Adobe Acrobat X Protected View would prevent an exploit of the type currently targeting these vulnerabilities (CVE-2011-2462 and CVE-2011-4369) from executing.”

The sandbox is working there. If people run verion 9.x, then they have a problem.

I certainly welcome an expert comparison of Adobe’s sandboxing tech, all-out ASLR enforcement, Protected Mode/Protected View, and overall security development lifecycle against any contenders whom you feel are putting equal effort into their product’s security.

In my habit of contributing something useful: anyone with concerns about their PDF reader (or any other app) getting exploited and launching a payload could look into Software Restriction Policy, which I have a writeup on at mechbgon.com/srp. Properly done, it’s very potent against a broad swath of exploits, Trojans and worms.

By: Rabid Howler Monkey

Rabid Howler Monkey — Sat, 10 Nov 2012 01:29:19 +0000

Thanks, Old School. TurboTax 2012 Online vs. installed on a Windows PC, perhaps? Or, maybe, Adobe Reader is not a ‘hard’ system requirement as indicated by Intuit for many of their products.

http://turbotax.intuit.com/support/iq/Install-Product/TurboTax-2012-System-Requirements/GEN84801.html
Updated: 10/04/2012
“Below are the minimum requirements for TurboTax 2012 software installed on a Windows computer. The 2012 versions are Basic, Deluxe, Premier, Home & Business, and Business.
Third-Party Software: Adobe Reader 8+

Perhaps some more Intuit (and Sage) financial software users will weigh in as TurboTax is one of many financial products.

By: Old School

Old School — Sat, 10 Nov 2012 00:01:35 +0000

SOURCE: http://turbotax.intuit.com/support/iq/Print-and-Save/Save-Your-Tax-Return–PDF-File-/GEN12337.html
“Tax returns saved as Portable Document Format (PDF) files can be viewed and printed through the free Adobe Reader or Foxit Reader software instead of TurboTax.

This comes in handy if you don’t have TurboTax software installed on your computer, or if you need a copy of your return after TurboTax Online shuts down for the tax year.”
So TurboTax supports Foxit. Happy Tax Season!!!

By: Doug

Doug — Fri, 09 Nov 2012 18:35:21 +0000

I’ve used Foxit Reader before during version 1 and 2, and like all other software, the later versions seems to have become more and more bloated with each release. If you install Foxit Reader, just make sure to use “Custom” and uncheck the boxes that installs the extra junk.

Ninite is awesome, it automatically installs your selected software without any of the toolbars or junk….I use it just about daily on customer’s PC’s.