Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Adobe Reader 8.2.4 is still showing insecure

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Adobe Systems
And, this specific program:
Adobe Reader 8.x

This thread has been marked as locked.
N2lli2 Adobe Reader 8.2.4 is still showing insecure
Member 23rd Aug, 2010 16:22
Ranking: 0
Posts: 15
User Since: 4th Dec, 2008
System Score: N/A
Location: N/A
Secunia is still showing Adobe Reader as insecure. I had installed the patch from the automatic Adobe Reader updates, and after seeing that it was still insecure, I then rebooted and ran another scan with the same results. So I tried to download the patch from PSI with no results. NOW WHAT??


Peter246 RE: Adobe Reader 8.2.4 is still showing insecure
Member 23rd Aug, 2010 21:24
Score: 0
Posts: 4
User Since: 23rd Aug 2010
System Score: N/A
Location: US
The same is true for me. What I found is that the patch updated some DLL files to 8.2.4, but not the AcroRd32 executable, which remains at 8.2.3.231. PSI rightly detects no change in AcroRd32.exe even though the patch was successful from Adobe's perspective.
Was this reply relevant?
+0
-0

jaw001

RE: Adobe Reader 8.2.4 is still showing insecure
[+]
This reply has been minimised due to a negative Relevancy Score.
Peter246 RE: Adobe Reader 8.2.4 is still showing insecure
Member 23rd Aug, 2010 23:51
Score: 0
Posts: 4
User Since: 23rd Aug 2010
System Score: N/A
Location: US
I tried what you mentioned, but found that the latest full download available from Adobe in the Reader 8 category is Reader 8.2.0. Updates 8.2.1 thru 8.2.4 are not full programs, just patches. There is no full 8.2.4 download.

But I did uninstall and reinstall 8.2.0 anyway just to see, but when I updated 8.2.0 to 8.2.4, it brought me back to the same circumstance.

Patch 8.2.4 does not update AcroRd32.exe, which remains at the 8.2.3 level, and that's the file that PSI is concerned about. The file AcroRd32.dll is updated to 8.2.4, plus a few other DLLs, but not AcroRd32.exe.

So I don't know that there is any worry about security, unless Adobe just screwed up on their patch.

I did notice on the PSI forum topic, Adobe Reader, that a couple of replys stated that a similar thing was happening with Reader 9.
Was this reply relevant?
+0
-0
richardrv RE: Adobe Reader 8.2.4 is still showing insecure
Member 24th Aug, 2010 04:16
Score: 0
Posts: 2
User Since: 24th Aug 2010
System Score: N/A
Location: CA
Same problem with the 8.2.4. Unfortunately this computer requires version 8. However a solution for another of my computers was to uninstall 8.2 and install 9.2. This version updated successfully to 9.2.4.
Was this reply relevant?
+0
-0
thedillpickl RE: Adobe Reader 8.2.4 is still showing insecure
Contributor 24th Aug, 2010 07:55
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
on 23rd Aug, 2010 21:35, jaw001 wrote:
I have found that the only way to get rid of this problem is to uninstall the previous program and download/reinstall the new program, then run PSI. No insecure threats everytime.

The latest Adobe Reader is 9.3.3, remove the 8.x versions using Add/Remove, then download from this link http://get.adobe.com/reader/ , rescan with PSI.


Regards;

Fred

@jaw001, I am very sorry. I meant to give you a +3 but slipped! I've added 3 on this thread: http://secunia.com/community/forum/thread/show/464... to get back to even.

If you post back here with a :) , I will be happy to give you the +3 I feel you deserve.

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+1
-2
This user no longer exists RE: Adobe Reader 8.2.4 is still showing insecure
Member 24th Aug, 2010 09:59
Hi,

Try running a full rescan. Users with version 8.2.4 installed should now be shown as Secure.

hope this helps.
Was this reply relevant?
+0
-0
thedillpickl RE: Adobe Reader 8.2.4 is still showing insecure
Contributor 24th Aug, 2010 19:37
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Last edited on 24th Aug, 2010 19:40
I understand that 8.2.4 is also a supported version. However, according to http://en.wikipedia.org/wiki/Adobe_Acrobat not much change in AR 9.x :
Adobe Reader 9 drops support for Adobe Reader Extensions 5 and 6 which permit Adobe Reader client software to save changes to filled-in forms in PDFs. Adobe Reader Extensions 6.1 and newer are still supported. Legacy PDFs will still be viewable, however they will open with the warning "This document enables Reader capabilities that are no longer enabled in this Reader version."

Possibly I've missed something.


Fred

p.s. A patch is required to fix the AR 9.3.3 to 9.3.4

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+1
-0
Anthony Wells RE: Adobe Reader 8.2.4 is still showing insecure
Expert Contributor 24th Aug, 2010 20:08
Score: 2445
Posts: 3,336
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Fred ,

Some are stuck with 8 as per @richardry who posted above . It may also be a part of Acrobat 8 .

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+1
-0
richardrv RE: Adobe Reader 8.2.4 is still showing insecure
Member 24th Aug, 2010 20:18
Score: 0
Posts: 2
User Since: 24th Aug 2010
System Score: N/A
Location: CA
Last edited on 24th Aug, 2010 20:27
A full scan today is showing Adobe Reader 8.x as patched. The version detected by PSI is 8.2.4.268.

In "C:\Program Files\Adobe\Reader 8.0\Reader" the AcroRd32.exe version is 8.2.3.231 and the AcroRd32.dll is 8.2.4.268. I guess only the dll needed to be patched.

So problem solved (for me anyway).
Was this reply relevant?
+0
-0
thedillpickl RE: Adobe Reader 8.2.4 is still showing insecure
Contributor 24th Aug, 2010 20:30
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
@richardrv, Will take any good new we can get. :)

@Ant, Was not aware of the need to keep AR 8.x , also did not consider that Acrobat 8 may not allow update to AR 9.


Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
Peter246 RE: Adobe Reader 8.2.4 is still showing insecure
Member 25th Aug, 2010 01:10
Score: 0
Posts: 4
User Since: 23rd Aug 2010
System Score: N/A
Location: US
The rescan worked for me; PSI shows 8.2.4 to be up to date.
Was this reply relevant?
+0
-0
N2lli2 RE: Adobe Reader 8.2.4 is still showing insecure
Member 25th Aug, 2010 01:18
Score: 0
Posts: 15
User Since: 4th Dec 2008
System Score: N/A
Location: N/A
Thankyou so much for all your comments. I did another scan and it now shows Adobe as being "Secure"
Was this reply relevant?
+0
-0
Dentmax RE: Adobe Reader 8.2.4 is still showing insecure
Member 25th Aug, 2010 01:34
Score: 0
Posts: 2
User Since: 25th Aug 2010
System Score: N/A
Location: N/A
Adobe reader is inherently insecure with default settings. These few steps will go a long way to helping to minimize the security issues set up in the default settings.

Under the edit tab choose preferences, select java script then un-check. Why would a reader need to run java?

Then select trust manager. Under File attachments Un-check PDF to run non PDF external applications. Why would we let a reader run non PDF applications on our machine?

Scary!

Credit these tips to Steve Gibson from Security Now podcast.
Was this reply relevant?
+0
-0
Peter246 RE: Adobe Reader 8.2.4 is still showing insecure
Member 25th Aug, 2010 01:58
Score: 0
Posts: 4
User Since: 23rd Aug 2010
System Score: N/A
Location: US
Hi Dentmax,
Thanks for those tips - I've made the changes. And thanks to Steve Gibson - he's been around a long, long time keeping on top of stuff.
Was this reply relevant?
+0
-0
Anthony Wells RE: Adobe Reader 8.2.4 is still showing insecure
Expert Contributor 25th Aug, 2010 10:33
Score: 2445
Posts: 3,336
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 25th Aug, 2010 10:35
Hi Dentmax ,

Good advice from Steve Gibson (as one would expect) ; just be aware that Javascript and Java are quite different things .

My bank and the Secunia OSI require Java for them to operate correctly as do many gaming sites .

http://en.wikipedia.org/wiki/Java_%28programming_l...

http://en.wikipedia.org/wiki/JavaScript

Take care

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+1
-0
Dentmax RE: Adobe Reader 8.2.4 is still showing insecure
Member 25th Aug, 2010 15:42
Score: 0
Posts: 2
User Since: 25th Aug 2010
System Score: N/A
Location: N/A
Sorry ... I am aware they are different. I meant to say disable JavaScript. If a PDF reader needs JavaScript for something you need, then turn it on for that need, but why would you need it on all the time? Adobe reader is one of the major programs that is a zero day exploit. It can and does allow remote code execution currently in the wild. It is known to be widely used by hackers to take control of your machine without you even knowing it.

Thank you for the correction.
Was this reply relevant?
+0
-0
jaw001 RE: Adobe Reader 8.2.4 is still showing insecure
Member 25th Aug, 2010 23:16
Score: -9
Posts: 6
User Since: 12th Feb 2010
System Score: N/A
Location: N/A
I unistalled Adobe Reader, then went to the Adobe site and downloaded version 9.3.4 and ran PSI again and the insecure messages disappeared.
Was this reply relevant?
+3
-0
thedillpickl RE: Adobe Reader 8.2.4 is still showing insecure
Contributor 26th Aug, 2010 01:45
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
@jaw0001;

:)

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
hogdigerdy RE: Adobe Reader 8.2.4 is still showing insecure
Member 26th Aug, 2010 13:01
Score: 1
Posts: 18
User Since: 14th Jan 2010
System Score: 100%
Location: UK
@thedillpickl
[quote=p24727]The latest Adobe Reader is 9.3.3, remove the 8.x versions using Add/Remove, then download from this link http://get.adobe.com/reader/ , rescan with PSI.

i've tried this and psi is still telling me the program is insecure, C:\program files\ adobe\reader 9.0\reader\AcroRd32.exe to be precise, someone mentioned a patch 9.3.4 but i cant seem to find it anywhere

any help would be appreciated as i'm stumped


--
MS Windows XP Pro SP3
AMD Athlon 64 3200+ @2000 MHz
1.024GB DDR-SDRAM
Sapphire Radion X300SE
HDD- WDC 160GB partitioned to C:\ 60GB, D:\ 100GB, + Seagate 250GB external
Was this reply relevant?
+0
-0
This user no longer exists RE: Adobe Reader 8.2.4 is still showing insecure
Member 26th Aug, 2010 13:11
Hi,

The PSI will deliver the patch you need if you click the "Solution" button in the PSI interface.
Was this reply relevant?
+0
-0
hogdigerdy RE: Adobe Reader 8.2.4 is still showing insecure
Member 26th Aug, 2010 13:26
Score: 1
Posts: 18
User Since: 14th Jan 2010
System Score: 100%
Location: UK
hi

i'ed just figured it out, the problem was i was uninstalling adobe reader 9.3.3 then looking for 9.3.4 to install, but you don't need to uninstall 9.3.3 just apply the 9.3.4 patch to it,

i had previously tried the secunia "solution button" which didn't solve the problem, although i must confess to not trying it in the last couple of days under the presumption it didn't work,

all sorted now, and back to 100%

cheers

--
MS Windows XP Pro SP3
AMD Athlon 64 3200+ @2000 MHz
1.024GB DDR-SDRAM
Sapphire Radion X300SE
HDD- WDC 160GB partitioned to C:\ 60GB, D:\ 100GB, + Seagate 250GB external
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer