January 12, 2016

Adobe and Microsoft each issued updates today to fix critical security problems with their software. Adobe’s patch tackles 17 flaws in its Acrobat and PDF Reader products. Microsoft released nine update bundles to plug at least 22 security holes in Windows and associated software.

brokenwindowsSix of the nine patches Microsoft is pushing out today address flaws the software giant considers “critical,” meaning the vulnerabilities could be exploited by malware or miscreants to break into vulnerable computers remotely without any help from users. The critical updates tackle problems with Internet Explorer, Microsoft Edge, Office and Silverlight, among other components. Links to all of the updates are available here.

As noted by security firm Qualys, several versions of Internet Explorer will get their last security updates this month, including IE 11 on Windows 7 and 10; IE 8, 9 and 10; IE 10 on Server 2012; IE 9 on Vista Service Pack 2 and Server 2008; and IE7 and IE8. If you’re using one of these older versions of IE, consider switching — either to a newer, supported version of IE, or to something less tightly bound to the Windows operating system, such as Google Chrome.

It appears that Microsoft pulled one of the updates (MS16-009) at the last minute, probably due to issues in testing the fix to make sure it won’t interfere with other programs. In any case, if you use Microsoft’s products, take a moment this week to make sure that you’re up to date with these and other available security patches from Redmond.

adobeshatteredSeparately, Adobe has released critical updates for Adobe Acrobat and Reader. Adobe said it was not aware of any active attacks against the vulnerabilities fixed in this month’s release. Adobe also is phasing out older versions of Acrobat and Reader: As the company notes in this blog post, Adobe Acrobat X and Adobe Reader X are no longer supported.

Adobe Reader comes bundled with a number of third-party software products, but many Windows users may not realize there are alternatives, including some good free ones. For a time I used Foxit Reader, but that program seems to have grown more bloated with each release. My current preference is Sumatra PDF; it is lightweight (about 40 times smaller than Adobe Reader) and quite fast.


32 thoughts on “Adobe, Microsoft Push Reader, Windows Fixes

  1. Robert Reid

    I use the free and excellent PDF-XChange Viewer.

    Unfortunately Foxit has no OCR capability. Users also need to exercise care during installation to avoid a variety of unwanted components and system changes, the make-up of which is changed regularly. The user manual must be downloaded separately.

    As for Patch Tuesday, beware of the Silverlight update and the Windows 10 nagware kb2976978. Right-click and hide both of these.

    1. JG Network Security

      I don’t really think you should hide the Silverlight update, if you have Silverlight installed. I know I use it mainly for System Center but this update patches a critical vulnerability so if you do have Silverlight already on your system, it makes sense to get the latest version, since this vulnerability is one of those hacking team 0-days that has been around for a while. If you know you don’t have Silverlight and Don’t want it, then you can right click and hide it. It’s just that some users have it and don’t even realize its there, so telling them not to download this update is not smart unless the user knows what they are doing and they definitely don’t have Silverlight on their system. Thanks

  2. Matthew P Clements

    I wonder what Microsoft is going to break for my end users tomorrow. Outlook? Excel? One can only wait and hope…

    1. Xaume

      Ha yes! Like a few weeks ago with the update that made Outlook open in safe mode. That was so much fun to figure out!

  3. Jakub Narębski

    Sumatra PDF has the additional advantage that it does not lock the PDF file, so you can refresh it (by generating it again), and it is automatically or manually updated in Sumatra PDF viewer.

    1. Shawn

      However Sumatra can’t fill in PDF forms, so you need to be aware that it’s not a one-size-fits-all. If you want the ability to view PDFs only, Chrome can render them in browser. Just drag and drop PDFs into a Chrome window.

    1. Robert Reid

      Windows 8 falls under the same lifecycle policy as Windows 8.1, and will reach end of Mainstream Support on January 9, 2018, and end of Extended Support on January 10, 2023. With the General Availability of Windows 8.1, customers on Windows 8 have 2 years, until January 12, 2016, to move to Windows 8.1 in order to remain supported.

  4. Caleb

    Brian,

    You may want to rephrase the section about IE 11 as it’s misleading regarding end of support for it (which it’s not according to both Qualys and Microsoft in the links.)

  5. notsafe

    My favourite after Firefox’s internal reader is to use Google as PDF (and other formats too) reader:

    Bookmark https://docs.google.com/viewer?url=%s
    and add keyword, eg. docs.

    Then just hit on the address bar docs followed by space and the pdf url.

  6. Dean Marino

    IF, like us, you are seeking to avoid any hint of Windows 10 on a perfectly operating Windows 7 machine….

    It’s a good time to remind you to “check for updates, but let me choose whether to download and install them”, HIDE any updates not marked as SECURITY, disable “recommended updates”.

    Windows Update, sadly, has been politicized – be very careful what you DOWNLOAD, let alone install. And strongly consider a free copy of Win10WIWI, if you do NOT desire Windows 10.

      1. SeymourB

        I found the GWX control panel to be useful in blocking Windows 10. Even if you download one of the “critical” updates (e.g. KB3035583) that lays the framework for GWX nagware, you can at least stop it from nagging you. Given that Microsoft’s adopted the tactics of malware authors in the nagware, where you’re given the choice of installing “now” or “later” (the only way to avoid triggering the installer is to use little X – that with each iteration keeps getting smaller – to close the window).

    1. Random

      The easiest way to deal with the Win10 ‘nagware’ right now is to enable the ‘Turn off the upgrade to the latest version of Windows…’ option in Group Policy, as MS released a couple of patches over the last 8 months to add that as a policy option (but to quietly bury it in the process). Although, this may not be available in every edition of Windows 7/8/8.1.

      1. Windows Mouse

        Just thought I would remind readers that there is no Group Policy Editor for non-Pro versions of Windows 8.1 however the removal of GWX is doable, it just takes patience and a few permissions changes. Window 10 killed my WIFI, had to go back.

        1. SeymourB

          On one of my systems Windows 10 BSODs during the install process, even on a fresh install. God knows what’d be broken on that box if it actually got through the installation… on the other hand I have an ancient Core Duo Dell Latitude and Windows 10 (x86) is perfectly functional there (at least with all the spyware disabled).

  7. Ron B

    If you are on windows 8.1 or below and are concerned about the nagging Windows 10 update messages try GWX control panel. This is freeware and monitors your system for Win 10 install files.

  8. George S

    Sumatra pdf is small and fast, but that is it.

    With Foxit Reader you can fill out forms, even when they are not “fillable”.
    A huge advantage.

  9. Sasparilla

    I just use Firefox’s (the free web browser) internal PDF reader.

  10. Vicky Braaten

    Is the company Empire Tech Support LLC a trustworthy company?

    1. Some Guy

      I dunno, what is your question in relation to? Need some context for a better answer, but here’s some thoughts and results.

      Did they call you and claim to be from MS about a virus? In that case, they aren’t trust worthy, MS will never initiate a call like that to an normal end user. Similar answer if they are claiming to be from some sorta support contacting you about your computer, if they want money or want you to install something on your computer, they are likely fake. Ask them what your IP is, and see if they are telling the truth by going to whatismyip.com on the computer. Almost guaranteed they will give you a misleading answer that doesn’t match that.

      When I google them (without the LLC), I don’t see them on first page of hits, that’s another red flag. When I add the LLC, I see them pop up as a registered LLC but only from about 6 months ago. That’s iffy. If you have a job being offered, I’d hesitate unless it’s a startup that you want to risk. If they are offering franchises, that’s really shady, 6 months isn’t enough to establish oneself for that.

  11. Some Guy

    Instead of all these third party links about what MS is doing, here’s the actual info from MS themselves:
    https://support.microsoft.com/en-us/lifecycle#gp/Microsoft-Internet-Explorer
    https://www.microsoft.com/en-us/WindowsForBusiness/End-of-IE-support

    summary of what IE versions are STILL supported as of now and will STILL receive updates on what OS:

    Windows Vista SP2 Internet Explorer 9
    Windows 7 SP1 Internet Explorer 11
    Windows 8.1 Update Internet Explorer 11
    Windows Server 2008 SP2 Internet Explorer 9
    Windows Server 2008 R2 SP1 Internet Explorer 11
    Windows Server 2012 Internet Explorer 10
    Windows Server 2012 R2 Internet Explorer 11

    What Krebs has posted is confusing. For instance IE 11 is still being updated on windows 7… if you have SP1. But that’s similar to MS support, you need to have SP1 on win 7 to get support of the OS too.

  12. James

    The bad thing about Microsoft GWX (Windows 10 update), is that it does not check to see if your hardware (for me CPU) is supported. It would be nice if you could disable it and provide reason to Microsoft why it was disabled, or better yet, perform a test to see if hardware is supported or not.

    My CPU is an older socket 775 Pentium D 945. Itruns Windows 32-bit perfectly with 2GBs RAM.

    1. Mike

      It doesn’t matter. It’s completely irrelevant.

      You WILL update to the newest OS
      You WILL conform
      Resistance IS futile

      If your machine has problems after the update/upgrade that another update doesn’t fix then you ARE expected to purchase a new machine with the newest OS pre-installed. Non-compliance with this mandate WILL result in complete loss of support (in any sense of the word) and a label of ‘LUDITE’ under your profile pic.

      Let’s face it…..you’re going to update at some point anyway.

    2. JCitizen

      Did you try running this in an elevated command prompt?

      schtasks.exe /Run /TN “\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser”

      I simply clicked around after selecting the Windows symbol in the system area nag notification, and did the same thing.

      So far the appraisal has been accurate on every machine I’ve upgraded. YMMV

  13. Bob

    Windows 7 x64 Ultimate – Two Office 2007 updates failed while installing all security-related updates. One was for PowerPoint, I’m afraid I’ve forgotten the other. A reboot and re-running Windows Update took care of the problem.

  14. nicole a

    As far as the GWX; it’s the only thing I have found that can stop Microsoft from installing Windows 10 against my will; for now. I use an Alienware 18R2 and have dual Nvidia GTX 770M’s. Alienware and Nvidia sites are full of people with computer’s that have the same configuration as mine and their computer’s are not just crashing but being destroyed when running Window’s 10. I have held out with Windows 7 so I haven’t had this problem but it has gotten so bad, Alienware has had to set up a reporting site for people to go to be able to report the destruction of their computers. Most are out of warranty so I don’t know what will happen for them but these are expensive machines and to just be destroyed like that; just isn’t right. Either Microsoft or Nvidia or combination of both must be culpable.

    1. JG Network Security

      There are so many ways not to get windows 10. The easiest is just keep your harddrive pretty full and there won’t be enough room for it to install. You need like 10gb of free space for it to install. You also could just remove the GWX from the registry, hide the updates, use the GWX control panel apps, or if your computer can handle it just go to windows 10. It is soo much lighter and faster than 7. Much better security features, the file explorer is so much better, I would never go back to 7, just because of the File explorer and all the added icons, plus the colors of 10 vs 7, and I can go on and on, I have windows 7 PC’s in my office, but my personal computers are all running 10 and I would never go back to 7, just because of the quickness and added features that I use all the time, I highly suggest you to give 10 a shot as long as your computer is not a piece of old crap. then definitely stick on 7, my old Desktop is still on Vista Enterprise because updating Enterprise is such a bitch and I wont get the free update to 10.
      but otherwise I move all the new ones to 1511 not 10240 , the 1511 update makes 10 so much better.

  15. Bill

    It shocks me that Adobe still hasn’t fixed its Reader so it notifies users when there is a new version of Reader. Currently it only tells you when there is an update to the version you have (for example if you have DC and there’s a new patch to DC), but will say “No Updates Available” when a newer version of the whole reader has been released. So many, many, many people still have X not realizing XI is available, and when have XI not realizing DC is available, and as far as they know, their reader is up to date. Brian, can you ask Adobe to address this?

Comments are closed.