Adobe Does What it is Best at: Fixing More Security Holes in Adobe Reader

This Tuesday, Adobe released a slew of updates to fix security holes numbered at 17, all of them critical. One of these was used widely to take control of computers using social engineering and PDF documents. The same vulnerability was present in Flash and was fixed on 10th of June.

adobe-reader-security-vulnerability

This clearly indicates that Adobe uses reusable code across multiple products and given the kind of security vulnerabilities it carries, a hole in one of the Adobe software can easily be present in others as well. Thankfully, hackers Didier Stevens and a researcher at NitroSecurity found these security holes in two separate attempts as a proof-of-concept hack.

Adobe made a statement on this saying,

We added functionality to block any attempts to launch an executable or other harmful objects by default. We also altered the way the existing warning dialog works to thwart the known social engineering attacks.

To counter its vulnerable codes and to improve the security of users, Adobe rolled out a new update system in April this year. It seems to be effective but we all know that patchwork is not the best practice in software development. Adobe should try making its products more secure at the core.

(Source)

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>