Adobe still distributing old vulnerable Reader
Date: Thursday, February 18, 2010 @ 13:39:04 UTC
Topic: Adobe

Security service provider Secunia has reported that Adobe is still distributing versions of Adobe Reader that contain known vulnerabilities. On Tuesday, Adobe had warned in a security advisory of a critical vulnerability in version 9.3. Adobe stated it had released an out-of-series update to version 9.3.1 to fix the problem. However, users only get that more secure version through the update mechanism installed with Reader.

As a test   found, on the official download page Adobe is actually offering the old version. This was confirmed by The H Update Check which reported that the vulnerable 9.3.0 version was installed. Shortly after the built-in update mechanism in Reader kicked in and announced that a new version was ready for installation.

A similar problem occurred with Adobe in Summer 2009. Users should manually update by triggering the update mechanism (Select Help in Reader and then Check For Updates) immediately after installing the PDF reader - or just choose a safer alternative product.


This article comes from NB Productions Your guide on the Web since 2000

The URL for this story is: