Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Adobe Reader 9.3.4 SA41340

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Adobe Systems
And, this specific program:
Adobe Reader 9.x

This thread has been marked as locked.
bonnie23 Adobe Reader 9.3.4 SA41340
Member 11th Sep, 2010 18:03
Ranking: 1
Posts: 20
User Since: 8th Nov, 2009
System Score: 100%
Location: US
When I saw Adobe Reader was a threat I opened it to see what version I had installed. It was 9.3.3. I updated to the latest 9.4.4 but it is still insecure with a category ___5 threat. No luck at their website. Any clue what to do? I would uninstall it but there are some websites and browsers that won't download information unless you have it.
I use FF PDF Reader to open anything downloaded, but it appears this program won't always be used to download the information.
C://WINDOWS\system32\Adobe\Reader\9.0\Reader\AcroR d32.exe
I have rescanned with Secunia PSI twice.

--
bonnie23

topper RE: Adobe Reader 9.3.4 SA41340
Member 11th Sep, 2010 18:16
Score: 0
Posts: 12
User Since: 25th Jan 2009
System Score: 91%
Location: NL
Hallo, as far as I know, Adobe Reader has had always the possibility to use in apropriate. To make your system more secure it is best to install te latest version.
best wishes, topper

--
Topper
Was this reply relevant?
+0
-0
TiMow RE: Adobe Reader 9.3.4 SA41340
Dedicated Contributor 11th Sep, 2010 18:56
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Last edited on 11th Sep, 2010 18:58
Hi bonnie23

I don't know if you've done a typo but on the Adobe Reader download site, the latest is 9.3.4. - which I believe is currently insecure - no fix at present - I can't be 100% certain as I uninstalled Adobe Reader (due to continual, re-occurring problems) last year and use another PDF reader.

If you only require Reader to open PDF files from the net or docs received via e-mail, then there other good, free alternatives you can consider.

A forum contributor - Maurice Joyce - wrote a piece earlier this year, outlining some of the choices and considerations. But as he makes many posts/replies, it could be hard to find - click on his name on a current thread he's contributed to, to see his posts; or you could just do a Google search for free PDF Readers.

Alternatively, you could consider what I and some other forum members use - Foxit Reader.

If you choose to uninstall Adobe (you can always re-install at a later date) and install Foxit, run a custom install and look out for un-needed extras - Ask Toolbar if I remember rightly - and untick the checkbox - you don't need it.

Some readers may see my advice as bad form to recommend alternative software, but it really is much less hassle to do so.

TiMow

EDIT: Don't worry when you see on a site "Adobe Reader required" - I've never had a doc. not open with Foxit, when this has been present.

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+2
-0
mogs RE: Adobe Reader 9.3.4 SA41340
Expert Contributor 11th Sep, 2010 19:11
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Hello.
If you go to last month's CYBERCLIP thread at :-
http://secunia.com/community/forum/thread/show/487...
and then scroll down to posts 50 and particularly 66....you'll find articles on alternatives. Ditch the malware magnet being the theme.
Regards,

--
Was this reply relevant?
+1
-0
scrutin RE: Adobe Reader 9.3.4 SA41340
Member 11th Sep, 2010 21:31
Score: 1
Posts: 5
User Since: 10th Sep 2010
System Score: N/A
Location: N/A
It is true that Adobe Reader is not necessary. Foxit, for example, can do the job. The real problem is that when I uninstall Adobe Reader, and I use programs to get rid of relevant registry stuff as well, Secunia still insists that I have Adobe Reader security risks. Does anyone know what specific item has to be deleted in order to satisfy Secunia?
Was this reply relevant?
+0
-0
mogs RE: Adobe Reader 9.3.4 SA41340
Expert Contributor 11th Sep, 2010 21:58
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Hello.
What version of psi are you using ?
Generally, whenever you update, older files/versions get left behind...these, psi continues to detect even if still residing in the Recycle bin.
Alongside the insecure entry in earlier versions, you'll see a + sign.....clicking on that will cause the entry to expand and reveal the file path. If uncertain how to proceed, post the info to the forum.
Hope this helps regards,


--
Was this reply relevant?
+1
-0
scrutin RE: Adobe Reader 9.3.4 SA41340
Member 11th Sep, 2010 23:04
Score: 1
Posts: 5
User Since: 10th Sep 2010
System Score: N/A
Location: N/A
Hurray! I finally did get rid of the four notices that Secunia had about Adobe Reader. But it is a very laborious process and requires, at least for me, the use of some third party tools. I used File Locator Pro to find all files in Drive C that begin with "acro." Also I went through "Common Files" in both Program Files and Program(86)Files(I am using Vista X64). These procedures eliminated two of the four "threatsl"

Then I went to JVPowerTools and used its Registry Finder to locate all mentions of "Acrobat." I then deleted all of them.

Did these files really constitute a "threat"? I really do not like to use the rather drastic registry procedure indicated above as that could be dangerous. If Secunia could distinguish between real threats and harmless, if superfluous, files lying around, we would not have to use relatively risky procedures to get rid of these constant warnings. But, of course, that kind of precision may not be possible, so I guess we will have to do the best we can.
Was this reply relevant?
+1
-0
TiMow RE: Adobe Reader 9.3.4 SA41340
Dedicated Contributor 12th Sep, 2010 10:01
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Last edited on 12th Sep, 2010 11:49
@bonnie23

The following thread on a similar theme, currently running, may be of interest.

http://secunia.com/community/forum/thread/show/548...

Coincidently, the first reply from @Maurice Joyce, contains the link to the article on PDF Readers he wrote, to which I referred above.

TiMow

EDIT: @mogs; hi mogs - just a thought - if you reference a post on the lengthy CYBERCLIPS thread(s), it may be better to give the date and time of the relevant post for easier finding, rather than scrolling and counting the way down.

Regards

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+1
-0
bonnie23 RE: Adobe Reader 9.3.4 SA41340
Member 17th Sep, 2010 07:06
Score: 1
Posts: 20
User Since: 8th Nov 2009
System Score: 100%
Location: US
on 11th Sep, 2010 18:03, bonnie23 wrote:
When I saw Adobe Reader was a threat I opened it to see what version I had installed. It was 9.3.3. I updated to the latest 9.3.4 but it is still insecure with a category ___5 threat. No luck at their website. Any clue what to do? I would uninstall it but there are some websites and browsers that won't download information unless you have it.
I use FF PDF Reader to open anything downloaded, but it appears this program won't always be used to download the information.
Windows XP...file location
C://WINDOWS\system32\Adobe\Reader\9.0\Reader\AcroR d32.exe
I have rescanned with Secunia PSI v1.5.0.2 twice.



--
bonnie23
Was this reply relevant?
+0
-0
mogs RE: Adobe Reader 9.3.4 SA41340
Expert Contributor 17th Sep, 2010 21:43
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
EDIT: @mogs; hi mogs - just a thought - if you reference a post on the lengthy CYBERCLIPS thread(s), it may be better to give the date and time of the relevant post for easier finding, rather than scrolling and counting the way down.


Thanks for the suggestion/pointer TiMow...will try to bear it it mind.


--
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability