Secunia CSI7
About us
Careers
Memberships
Newsroom
Contact us
Blog
News
Articles

Serving insecure software

Get this blog as an RSS Feed
History repeats itself...
16:48 CET on the 17th February 2010
Entry written by Thomas Kristensen.

We've received numerous support requests from Secunia PSI users who were puzzled about a warning from the PSI about a freshly downloaded Adobe Reader being insecure.

After looking at this we can conclude that once again Adobe serves an insecure version of Adobe Reader from its website, since we don't like to repeat ourselves you can literally read our blog from 21st July 2009 and replace version 9.1.0 and 9.1.1 with 9.3.0 and 9.3.1:
http://secunia.com/blog/58/

This does not seem to be aligned with this quote from Brad Arkin, Director of product security and privacy at Adobe, January 12 2010: "We know that getting people updated and keeping them updated is the number-one thing we can do in terms of keeping them protected against attacks"

According to this article in Techworld, 80% of all attacks exploiting vulnerabilities in Q4 2009 exploited vulnerabilities in Adobe Reader. While this number sounds a bit too high in my ears, it is certainly indicating that criminals have a new favorite target.
http://news.techworld.com/security/3212863/adobe-patches-pdf-vulnerabilities/

Serving vulnerable versions is not going to improve these sad statistics.

Stay secure,

Thomas

Discuss this blog entry
A new thread in our forum is created. Activate the thread by commenting/discussing below.
Subject: Serving insecure software
 
No posts yet

-

You must be logged in to post a comment.



 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability