Adobe

Here’s the latest twist in the “membership” site scam: spam emails that tell potential victims to update their Adobe Reader include links to a web site intended to look like something related to Adobe products, but is selling “memberships.” The REAL way to update your Adobe software is on the help menu: help | check for updates (see the end of this blog piece for details). The spam email: ...

Adobe Reader X is now available! Download Reader X for desktop at http://get.adobe.com/reader/ or access the mobile app on the Android Market via your Android device. With over one billion downloads, Adobe Reader continues its leadership as the global standard in PDF viewing and interaction. Reader X for desktop enables an even greater level of interaction with the ability to share feedback through the use of Sticky Notes and Highlighter tools, as well as view a larger variety of content types including drawings, email messages, spreadsheets, videos, and other multimedia elements. You can also take advantage of the added security of Protected Mode in Reader X, which helps ensure safer viewing of PDF files. ...

The Redmond company today published its announcement for the upcoming November Patch Tuesday. Microsoft wants to release 3 security bulletins which deal with 11 security vulnerabilities within Office and PowerPoint (up to the brand new Office 2011 for Mac) and Forefront Unified Access Gateway. A patch for the just recently detected 0-day vulnerability in Internet Explorer is not in the list. Adobe meanwhile ships an update for the Flash Player to version 10.1.102.64 today and plans one for the Reader and Acrobat next week. The Flash update is available via the Download Center and fixes the“authplay” vulnerability which got public last week. But the company has to deal with a new security vulnerability as well. It’s not yet exploited and it remains currently unknown whether it is exploitable to infect PCs with malware, but Adobe investigates the flaw. On a public security list a so-called Proof-of-Concept (PoC) has been published which just shows a Denial-of-Service attack. ...

Avira TechBlog: Adobe warns of a new vulnerability in Flash Player and in Reader. The problem is within authplay.dll and the corresponding .lib in the Unix versions. It allows attackers to inject malicious code like Trojans with specially prepared documents or Flash objects. The company works on a patch which it plans to release on the 9th of November. Until then, deleting the authplay library helps to prevent a successful attack. Flash or Reader will crash then when a file requests the services from authplay, but this is clearly better than having an infected system. ...

Adobe have published details of a critical vulnerability the following applications. Adobe Flash Player 10.1.85.3 and earlier versions Adobe Reader 9.4 and earlier 9.x versions Adobe Acrobat 9.4 and earlier 9.x versions The vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Reader and Acrobat 9.x. Adobe is not currently aware of attacks targeting Flash Player. ...

At its MAX conference, Adobe not only announced Air 2.5 for phones, tablets, and TVs but it also confirmed that it would be bringing Flash Player 10.1 to Microsoft’s Windows Phone 7, RIM’s BlackBerry OS, HP’s WebOS 2.0, Symbian, MeeGo, and the LiMo platform. Unfortunately, there’s still no timeline for a release on each platform; Adobe is only saying that Flash 10.1 is “expected” to hit each mobile OS. These six platforms will join Android 2.2, which has had Flash since June 2010. The current list of Adobe Flash Player 10.1 certified devices is thus not very long, but if Adobe manages to deliver on what it’s promising, it should grow very rapidly. The news today also means that the iOS is the only major mobile platform that will not support the plug-in: Apple won’t let it touch the iPhone, the iPod touch, or the iPad. ...

Windows is an attractive platform for the malware writers, in part, because of the sheer number of users. As Microsoft creep towards making their offerings more secure, applications are increasingly becoming the focus for vulnerability exploitation. Like Windows, Adobe products are a default software choice for most users. The bad guys know this and realize that its profitable to scrutinize their applications for exploitable vulnerabilities and create malware to take advantage of the fact. ...

Researcher sees ‘unprecedented wave of Java exploitation’ Oracle’s Java framework has surpassed Adobe applications as the most attacked software package, according to a Microsoft researcher who warned she was seeing “an unprecedented wave of Java exploitation.” The spike began in the third-quarter of last year and has climbed steadily since, according to data reported on Monday by Holly Stewart, a member of the Microsoft Malware Protection Center. By the beginning of this year, the number of Java exploits “had well surpassed the total number of Adobe-related exploits we monitored,” she said. ...

The New Acrobat X is finally here! What can it do for education? Here is a quick list of new and improved features: New user interface The Interface tool pane brings top user needs out front Customizable Tool Bar Tools Pane reveals most useful tools to improve productivity Tools and Tasks are easier to access HUD display provides more real estate for viewing __ Amazing document repurposing New export options allow for Word and Excel options including headers, footers, and worksheets New scanning engine improves accuracy and file size Efficient tagging and reflow ensure viewing and access on a variety of screens __ ...

Right now Adobe AIR is only officially available for 32-bit Linux. But it does work on 64-bit Linux with the 32-bit compatibility libraries. There are several ways to install Adobe AIR on Linux. My preferred way on Ubuntu is to use the .deb package. However the .deb package distributed by Adobe can only be installed on 32-bit systems. Good news is that this can be easily fixed! To install the Adobe AIR .deb package on a 64-bit system just follow these steps: ...