Adobe Reader Exploits

Networking/Security Forums -> Exploits // System Weaknesses

Author: graycatLocation: London, UK PostPosted: Wed Apr 29, 2009 11:43 am    Post subject: Adobe Reader Exploits
    ----
it seems we can't go another month without some kind person locating a new 0-day flaw in Adobe's PDF viewing / creating family of software.

How has this affected you in your place of work? Are you sticking with Adobe or moving to something else? Has anyone managed to persuade their company away from the almost standard software that is Adobe?

Personally we've got as far as granted a test program for other readers (FoxIt etc) but have met some extreme resistance for looking at writer / editor versions.

Author: WhiteHatLocation: Italy PostPosted: Wed Apr 29, 2009 1:50 pm    Post subject: Re: Adobe Reader Exploits
    ----
graycat wrote:
Are you sticking with Adobe or moving to something else?

I'm not sure that other adobe-like applications are less prone to vulnerabilities. I think they are just undertargeted by debuggers and get less bugs reports because they're not so widely used.
graycat wrote:
Has anyone managed to persuade their company away from the almost standard software that is Adobe?

Picture yourself a scenario in which you could have a vulnerable application with a limited flaw research and a less commercial support than the Adobe can offer.
If you want to convince the BoD and the users to start a change management process, you need a solid proof that the new choice has a better cost/benefit value.
When I face a similar kind of job, I get the evaluation parameters directly from the regular users and from the mantainers, and then I stress all the applications involved in the comparison in order to obtain the best value for those parameters.
The result is a report that I submit to the BoD.
Btw, even if my experience is in the security product - not in office automation - field , I think the methodology is still applicable.

I hope this will help. Let me know.



Networking/Security Forums -> Exploits // System Weaknesses


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group