navigation bar left navigation bar right

Secunia CSI7
navigation left tab About us navigation right tab
navigation left tab Careers navigation right tab
navigation left tab Memberships navigation right tab
navigation left tab Newsroom navigation right tab
navigation left tab Contact us navigation right tab

Serving insecure software

Get this blog as an RSS Feed
History repeats itself...
16:48 CET on the 17th February 2010
Entry written by Thomas Kristensen.

We've received numerous support requests from Secunia PSI users who were puzzled about a warning from the PSI about a freshly downloaded Adobe Reader being insecure.

After looking at this we can conclude that once again Adobe serves an insecure version of Adobe Reader from its website, since we don't like to repeat ourselves you can literally read our blog from 21st July 2009 and replace version 9.1.0 and 9.1.1 with 9.3.0 and 9.3.1:

This does not seem to be aligned with this quote from Brad Arkin, Director of product security and privacy at Adobe, January 12 2010: "We know that getting people updated and keeping them updated is the number-one thing we can do in terms of keeping them protected against attacks"

According to this article in Techworld, 80% of all attacks exploiting vulnerabilities in Q4 2009 exploited vulnerabilities in Adobe Reader. While this number sounds a bit too high in my ears, it is certainly indicating that criminals have a new favorite target.

Serving vulnerable versions is not going to improve these sad statistics.

Stay secure,


Discuss this blog entry
A new thread in our forum is created. Activate the thread by commenting/discussing below.
Subject: Serving insecure software
No posts yet


You must be logged in to post a comment.

 Products Solutions Customers Partner Resources Company
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
Technology Partners
 About us

Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
Secunia © 2002-2015 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+