Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Adobe Gets Regular On Security Patches

timothy posted more than 5 years ago | from the can-of-prunes-every-three-months dept.

Security 38

dasButcher writes "Adobe joins Microsoft and Oracle on regularly scheduled security patch releases. The first set of patches for Acrobat and Reader are scheduled for today, and Adobe will release future patch batches quarterly."

cancel ×


Sorry! There are no comments related to the filter you selected.

Acrobat Reader is crap (5, Interesting)

deemen (1316945) | more than 5 years ago | (#28264665)

Good for Adobe, but Acrobat is crap anyways. It takes forever to load up and uses way more system resources than it should. Foxit Reader [] is what you should be using.

Re:Acrobat Reader is crap (2, Informative)

Anonymous Coward | more than 5 years ago | (#28264861)

Reader might be crap, but Acrobat Professional has only a handful of competitors with equivalent feature sets. And then you can get into programs like Pitstop Pro, which cost twice as much as Acrobat Pro (but are absolutely essential if you need the features for real prepress work).

Re:Acrobat Reader is crap (1, Informative)

JustOK (667959) | more than 5 years ago | (#28264985)

kinkos can print word docs

Re:Acrobat Reader is crap (2, Insightful)

ThrowAwaySociety (1351793) | more than 5 years ago | (#28265339)

kinkos can print word docs

Printing a Word doc at Kinkos is like hiring chef Emeril Lagasse to serve you McDonalds food on a silver platter.

If you're going all the way to Kinkos to print something professionally, you probably want some control over what the output is going to look like. Word gives you none. A Word document can look different on two computers running the same version of Windows and the same version of Word with the same fonts, just because your default printer is different.

Re:Acrobat Reader is crap (1, Insightful)

Anonymous Coward | more than 5 years ago | (#28265351)

The phrases "real prepress work" and "Word docs" have no reason to ever appear anywhere near each other. It reminds me of a guy applying for a sysadmin job at Google saying "I know how to use Norton."

Re:Acrobat Reader is crap (1)

Celeste R (1002377) | more than 5 years ago | (#28265369)

Kinkos can't print all of the feature bloat that Adobe has put into its PDF format though.

How do you print a sound clip?

Re:Acrobat Reader is crap (1)

EkriirkE (1075937) | more than 5 years ago | (#28269225)

Duh, etching like a phonograph

Re:Acrobat Reader is crap (1)

EraserMouseMan (847479) | more than 5 years ago | (#28265065)

It's a shame that such a tiny stupid little document reader has so many issues that it has to have regular patches & security updates. I can understand regular updates for an OS. But a glorified doc reader?

Re:Acrobat Reader is crap (2, Insightful)

jonwil (467024) | more than 5 years ago | (#28265239)

The problem is all the crap Adobe has shoehorned into the PDF format like JavaScript and all those plugins. If PDF went back to what it should be, a document format with no extra crap, the problems will go away.

PDF and Acrobat need to go back to a core focus on being a way to represent documents and other things in a way that looks the same no matter what OS, screen resolution or browser you are running and ditch all the extra garbage that has made Acrobat and Acrobat Reader so bloated.

Re:Acrobat Reader is crap (1)

Celeste R (1002377) | more than 5 years ago | (#28265313)

That glorified "doc reader" can do far more than you think, Adobe makes it possible to have a document in a file, with all of the features of a website.

Yes, it's "only a glorified .doc reader", but only things as powerful as TeX and such even compare. This is akin to saying "MS Word is only a glorified .txt reader".

Re:Acrobat Reader is crap (4, Insightful)

geminidomino (614729) | more than 5 years ago | (#28265751)

That glorified "doc reader" can do far more than you think, Adobe makes it possible to have a document in a file, with all of the features of a website.

And that's a good thing... why,again? PDF is supposed to be a portable doc format for predictable, portable printing, not a blasted website.

Re:Acrobat Reader is crap (2, Interesting)

LordLimecat (1103839) | more than 5 years ago | (#28265801)

<quote>That glorified "doc reader" can do far more than you think, Adobe makes it possible to have a document in a file, with all of the features of a website.</quote>
Sounds like something thats a browser's job.  I had always understood PDF's purpose to be creating a "virtually printed" file--basically, how it appears in the reader IS how it will appear when printed.  Why the hell is javascript involved now?  Or is it people about 10 years ago completely forgot the point of a PDF and started using them instead of .docs?

Re:Acrobat Reader is crap (0)

Anonymous Coward | more than 5 years ago | (#28267841)

"That glorified "doc reader" can do far more than you think, Adobe makes it possible to have a document in a file, with all of the features of a website."

So, what you're saying is, we can set up a website with an embedded PDF file that ... contains a website.

Brilliant! Another fine piece of bloatware brought to you by the Department of Redundancy Department at Adobe.

Re:Acrobat Reader is crap (1)

MrNemesis (587188) | more than 5 years ago | (#28265641)

I also used to use Foxit, but found an even more lightweight reader in the form of Sumatra PDF: []

For the 99% of us that only read PDF docs, it's the fastest and least resource hungry PDF viewer I've ever used, plus the benefit of open sauce. IIRC even Foxit's fallen foul of some of the same vulns as acrobat.

FYI I've also got a full fledged version of Acrobat for when I do tech writing or annotate some of our existing docs, and I've never noticed any difference between the presentation of sumatra and acrobat, nor any problems with stupid forms (although they didn't use JS). Recommend everyone gives it a whirl even if just to find out whether they can live without bells and whistles.

Tip: to get it to remember your default view (fit width, continuous in my instance) open sumatra, set your preferences and then those sumatra. Otherwise it remembers individual view settings based on the file path.

Re:Acrobat Reader is crap (1)

maxume (22995) | more than 5 years ago | (#28265669)

Reader 9 improves loading speed quite a bit (even after the preloader is turned off). On a system with a couple of gigabytes of ram, it doesn't use a punishingly large amount of resources either (who doesn't upgrade to 2 gigs when it costs $25?).

Re:Acrobat Reader is crap (1)

Chabo (880571) | more than 5 years ago | (#28270853)

People who are still using DDR ram or older, which doesn't cost $25 for 2GB.

I'm upgrading this fall, I swear! ;)

Re:Acrobat Reader is crap (0)

Anonymous Coward | more than 5 years ago | (#28267623)

Speaking of crap it's good to see adobe is getting it's fiber

Re:Acrobat Reader is crap (1)

Donniedarkness (895066) | more than 5 years ago | (#28273219)

I just wish they didn't package it with crap toolbars and such. I recommend it to people all the time, though, and I just make sure to warn them to read the install prompts.

Only quarterly??? (4, Insightful)

davidwr (791652) | more than 5 years ago | (#28264705)

Quarterly makes sense for non-security patches but for critical security patches I hope they go "off-cycle."

For critical security vulnerabilities, I would like a beta patch OR workaround ASAP and a tested patch as soon as practical.

Re:Only quarterly??? (3, Interesting)

Drakkenmensch (1255800) | more than 5 years ago | (#28264743)

Quarterly makes sense for non-security patches but for critical security patches I hope they go "off-cycle."

Once per quarter is already a huge improvement on their previous schedule of not at all even when thousands of computers were getting infected by virus-ladden rigue PDF files.

Re:Only quarterly??? (2, Funny)

Culture20 (968837) | more than 5 years ago | (#28265099)

That's not a fair characterization. They planned a security update to be released a month later. A MONTH. And they did suggest turning off a feature that never should have existed and is not trivial to turn off remotely.

Re:Only quarterly??? (1)

Drakkenmensch (1255800) | more than 5 years ago | (#28265513)

I'm sure that's great comfort to all the people whose computers were infected in all the weeks that have gone by since this viral exploit was uncovered and put to destructive use.

Re:Only quarterly??? (1, Offtopic)

Rich0 (548339) | more than 5 years ago | (#28265759)

The real mess is a lack of package management on Windows.

On virtually any linux distro I can type one command and have the system check for security updates and provide me a list of all packages that require security updates. Another command will apply those updates. If I'm REALLY brave I can just put it in cron and have it just email me what its doing after the fact (not always wise - some linux distros sometimes break booting with core package upgrades). A different variation on the same process could apply non-security updates as well. Distros like debian actually backport security patches so that you can have very safe updates.

On windows the OS itself is fairly well updated if you configure it correctly. However, the 40 bazillion other pieces of software I use are a mixed bag. Some will auto-update, but using their own update programs with their own configurations and their own update policies. Many don't auto-update at all, but if you look really hard you might find a website (or if you're really lucky an email list) where updates get posted. I'm sure my windows box right now has 5-7 services all running in the background that are just looking for updates to various programs.

Windows really needs a package manager. It could even support installs off of CD, but the installer is a standard component of the OS, and the OS manages updates. The installer could even be extensible (installer creates an enviornment to install into, then program-specific installer does all kinds of magic and dumps files into that environment, then OS deploys files and registry keys and permissions appropriately). Virtually any linux distro would be a vast improvement, and I think there is room for even further improvement.

Slow news day? (1)

Rogerborg (306625) | more than 5 years ago | (#28264731)

So, they're going to delay security updates until the next scheduled patch-o-rama?

Or are they going to release "critical" updates as needed, thus making a mockery of the schedule?

Either way, I find it hard to care one way or another. Can you find some way to tie this story to the OLPC, or Futurama?

The Story (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#28264761)

It was a warm summer evening when she left for the airport. He was sad to see her go but some bachelor time could probably do him some good. He was so into her that he had a hard time saying goodbye. She was such a nice girl. Well she could be a nice girl. She treated him ok but she certainly had ulterior motives behind her plan. Or so he thought. He suspected that things were not on the up and up but what was he to do. He loved her. He loved every bit of her. From her flowing hair and georgous eyes to her supple feminine features that turned him on so. She always said she loved him but was never quite sure in her actions. They remained together either out of co-dependency or what was actually true love behind a veil of dependency and irrelevancy. He always thought he was saving her from herself and a life of mediocrity. He was wrong. He thought he was so much more than what he was. He wanted to be a great man but wasn't sure how to get there. Nothing an education in hard knocks can't fix. And so began his dwindling into the loathsome vortex of self-pity and destruction of potential. As though it was death he truly wanted. As though she was just the abuse that would allow him to feel as dead as he could feel. Was it fear that kept him alive? Or maybe that rationale of self preservation and anti-defeatism that cluttered his subconscious. After she was away for a few hours, he thought about doing it, but was unsure for some reason. He decided to go have some beer with his roomates instead. A short while later she appeared in the doorway and was back. "What are you doing here?" he said. "The plane is delayed until tomorrow at 6 am." He pondered this over his beer and invited her to sit down with them and imbibe some frosted rye for the evening. After a few drinks she was tired and wanted to go to bed. He took her into their room and laid with her for a while. He wanted to be with her that night because he knew she would be gone for 2 weeks. She accepted the offer and he pleased her for some time before they both fell asleep. It was long and enduring but not the same as when they both would take the ride and he deliver hours of hardened pleasure to her. He never knew how but he would hold that high note for so many hours when the white knight appeared. 6 AM and the shuttle arrived. He was sad to see her go but knew she'd be back in a few weeks. He went for coffee down the street and a little breakfast. Knowing she was gone for sure this time sent the urge right up into his head. He couldn't wait anymore. It was killing him in a way this desire handles no man gently. Unable to walk from his need for the response, as the receptors were screaming to him for that special shape that releases all the wonders of the mind. He hadn't had this batch before but knew it was good. As he melted his lust and drew it into its temporary home his hands started to shake wildly. He had to walk away for a while to relax before the moment. As the eye penetrated the main and the devil released his wrath, the collapse began. He felt the cold mourning of a lonesome vein lose its caress on life. Nothingness was what he felt. Slowly it creeped and he knew he missed in delivery of his love of pain. It became so strong he knew that would have meant dissolution. That would have been the one that delivered him to his final destination. His one way street to paradise. Someone smiled on him that day, a smile that turned to a laugh...... a dark and hateful cackle that tested his own perception of what is real. The guffaw of his own dark masters removal of all light that is the flame of his acumen. That evening after he had come down a bit he realized how strong that was. It was incredible. What was that stuff? It wasn't anything like he had before. He wasnt't sure he should try it again because the effect was so strong he worried about making it through another rise. Whisky was the cure for now. He found a 1.75 litre bottle of vodka about half full by the bed and started drinking. No bother mixing as he needed it to work now. Too much vodka on an empty stomach can be a bad thing but still riding was keeping the full effect at bay. He walked down to the bar at the end of the street for more drinks. Some friends were there and were glad to see him. They chatted for a few hours into the night. At home he was having a hard time getting to sleep. Drunk with the room spinning a little but not tired in the least. As he layed there on his bed, alone and missing his girl, his mind wandered. Could he handle a bit while drunk? Would his heart hold out? The years haven't been especially nice to him since his move to this town. The taste in the back of his throat starts to arrive and that all too familiar smell and desire to spreak into warpspasm as the energy becomes increasingly more, as it flows from his toes to his brain. He hates the jones but he knows the cure. Almost the desire to live the anticipation inevitably. The conjecture of the promise of a better tomorrow, is as much a divine insight, as it is a dream of the held passion on the flight to purgatory. As much as anoyone could want to hurt, is stronger than any desire for pleasure. The unknown path to a frigid death is more delectable than the known ideal that is a life forseen. He wakes up around one the next affternoon and feels like crap. Starving he wants food, hungover he wants beer, but more than anything he wants to hit the hype to hear the angelic hovering of discovery in his mind. He can't get past that desire. He bought a large amount and has hardly touched it. Usually a sixteenth would have been done and over by now. he took out that large yellow rock and inspected it. It must have been the size of his thumb. he broke a small piece off into a spoon and put a little water on it. His stomach turned and his mind ached. He wanted to go there but had hesitation. Fear of the unknown can really hamper ones drive for pleasure. 15 seconds is all it takes to meet God. Anyone can do it anytime they want. A path to enlightenment can always be a few micrograms and ten U of water away. As the molecules arrange themselves in the order of the illuminated conception, and the seratonin pathways reverse their direction, the mind stretches out into the ether. The spiraling vision of acceptance is embracing your psyche as you begin a path to an enlightened awe that is the maker of us all. He sees you and welcomes you back to that periodic balancing act between nature and the depth of the multi-verse. It is a moment of discovery. A moment of understanding. A moment when you can briefly look into the darkest depths of your own denial and forlorn ambivalence. As the room breathes and the space around him becomes substantive, it moves in and out of his perception in a spiraling display of glory and necrosis. Death is waiting for him in each and every atom asking him to join them on their quest for another soul. The display is of such intensity that he falls back on his bed and just watches the shadows move through the air all around him. The twitch and shimmer, create patterns of explanations that only he could understand while under their trance. Almost as if god were speaking to him through a display language of shapes and movements and twists and turns. If this is the case then it can be sure that god speaks in black and white. Color is absent from his view but is still seen in the multi-dimensional illusion that envelopes him like a cloak of dissolution within the hatred filled miasma. Over time he awakens from his state and succumbs to the turmoil of reality. Still under the influence he cannot understand what has happened. This is the most mind numbing and expanding thing he has ever experienced in his life. He prepares another solution of light because he has to go back to this place again. He has never been there before but realizes he never wants to leave. As breaks off his piece and prepares the delivery. Soon he is welcomed back this world of love and warmth that he only left moments ago. All again he is living through the wonder that is encapsulated in his own mind and released by volume. Trying to understand the world he has entered he falls back again to relive his dream.

Re:The Story (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#28265321)

what the fuck?

Too much time. (3, Interesting)

Deathlizard (115856) | more than 5 years ago | (#28264783)

Although Quarterly is a start, it should be carried out on a monthly basis or at least have a plan for immediate release if an exploit goes wild.

Acrobat and Flash are some of the most used Apps second to MS products. They should at least be on par with their patching policy.

Adobe Gets Regular (3, Funny)

andrewd18 (989408) | more than 5 years ago | (#28264895)

"In light of its age and recent back-end irregularity, Adobe Acrobat Reader has promised to start taking steady doses of Metamucil."

Too slow (1)

gubers33 (1302099) | more than 5 years ago | (#28264975)

Although it is good to see that Adobe is getting on a security release schedule, but they need to be better in patching their applications. The PDF flaw came up earlier this year they took far too long to release a patch, I recall patching my systems with private patches because Adobe took so long. The releases should be monthly or weekly if it is a serious vulnerability.

Adobe gets regular (1)

Celeste R (1002377) | more than 5 years ago | (#28265175)

My first impression was "it's that time of month?"

Patching would could be a non-issue... (2, Insightful)

geekmux (1040042) | more than 5 years ago | (#28265637)

Ah, anyone remember the good ol' days of Adobe, when it was just a fucking reader??

Sorry if I'm being crass, but a damn PDF reader should not be 100MB worth of installer followed up with 20MB "patches". Damn Adobe v5 installer was 5MB, and guess what? v5 does everything I need it to do, and would likely suffice for 95% of Adobe users who do nothing more than view PDFs.

Everything else is going low-cal, low-carb, lite and dry, how about a simple PDF reader?

Re:Patching would could be a non-issue... (1)

buchner.johannes (1139593) | more than 5 years ago | (#28268063)


I mean for PDF readers you have a choice, I find these hundreds of megabytes for updating the .NET-Framework (MS Update) rich. I don't download that.

Re:Patching would could be a non-issue... (1)

Minwee (522556) | more than 5 years ago | (#28269667)

Everything else is going low-cal, low-carb, lite and dry, how about a simple PDF reader?

Not a problem. Just try applying one of the patches found on this site [] to substantially upgrade the performance and reliability of Acrobat Reader. To avoid system instability you may need to uninstall your old version of Acrobat before upgrading.

exploits also to be released on quarterly cycle... (0)

Anonymous Coward | more than 5 years ago | (#28265913)

...the day after Adobe releases its security patches, for maximum effect (although its making quite an assumption that Adobe will get a fix out by the next quarter).

About F*CKIN Time! (1)

hesaigo999ca (786966) | more than 5 years ago | (#28268169)

Being the #1 worst application for vulnerabilities, meaning that its market share makes it installed on 99% of all pcs, you would think there long list of vulnerabilities would have made this a necessity years ago, but it is good news, maybe they will be a little more
up to date with their unit testing, and develop better then average sandboxes to test all the drive by execution flaws they have.

Colon-Blow? (1)

motherpusbucket (1487695) | more than 5 years ago | (#28273949)

"Adobe Gets Regular On Security Patches"
Is Adobe taking a fiber supplement? Cool! Maybe it will quit constipating my f*cking computer!

Adobe? (2, Insightful)

Oldav (533444) | more than 5 years ago | (#28274107)

Dont use acrobat, Foxit reader is great, and is much less of a resource hog!
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?