Adobe is aware of reports that an exploit for this vulnerability exists in the wild, and recommends users apply the updates referenced in the security bulletin.
always the same story. if they had any dignity they would commit corporate seppuku.
Tag: adobe
Reversible encryption
Adobe engineers used reversible encryption to scramble the passwords contained in a 9.3-gigabyte file that’s now available online. Surprisingly, they flouted almost universally recognized best practices that call for stored passwords to be protected by bcrypt or another one-way cryptographic hashing algorithm.
other than microsoft, there is no company that has screwed security up more than adobe. holes galore in pdf and flash and now this. also the entire source code of their products got stolen recently.
Adobe 9
I cannot wait until the first time some idiot takes a Flash impregnated document down to their local FedEx Kinko’s and pitches a fit when the zitty clerk tries to tell them that they can’t print a YouTube video of their ugly baby eating cat turds on the lawn
PDF Ads
Yahoo and Adobe have teamed up to give publishers the ability to offer contextual advertising as part of their PDF document downloads.
this reminds me, how do i remove the stupid yahoo toolbar from acrobat reader?
Adobe and del.icio.us work together?
Adobe’s first step was to set up a del.icio.us account and start collecting the best bookmarks on Illustrator they could find. They then integrated del.icio.us into Illustrator CS3 as part of their “knowhow” palette, thereby allowing users to tap directly into Adobe’s bookmarks.
View Source
When the tool spits out some bundle of shining Deployment-Ready Code Artifact, do you get something that can be mashed up, styled, scripted, indexed by search engines, read aloud by screen readers, read by humans, customized with greasemonkey, reformatted?
Adobe Apollo
Springtime means conference time, which means it’s silly season on the web again. Adobe introduced Apollo, their latest attempt to recreate the web in their own image. Apollo is based on Adobe’s own markup language, Adobe’s own runtime, Adobe’s own graphics and animation framework, Adobe’s own video and audio codecs, and Adobe’s own developer tools. You can do many things with it, but “you may not sublicense or distribute the Software. … You may not modify, adapt, translate or create derivative works based upon the Software. You may not reverse engineer, decompile, disassemble or otherwise attempt to discover the source code of the Software. … You may not install or use the Software on any non-PC device or with any embedded or device version of any operating system.” It requires at least Windows XP SP 2 or Mac OS X 10.4.
nice smackdown on all the adobe / ms nonsense this week. and i am actually working on a side project with mark now 🙂
Universal PDF XSS
oy. acrobat has a XSS hole with the (useful) # handling by the plugin
Mars
a reformulation of pdf in xml. if svg were not such a clusterfuck, this would be more exciting. still, has some promise.
Gregor J. Rothfuss 