Filed under: Security
Acrobat vulnerability may affect Mac users
As if the baked-in security issues weren't enough to deal with, Adobe has announced today that all versions since v7 of Acrobat and Acrobat Reader on all platforms -- including Mac OS X -- are vulnerable to an
Mac users have, of course, a very solid option for handling PDF files other than Acrobat: Preview, installed on every Mac OS X machine. You can also turn off Javascript support in the Acrobat preferences to lock out exploits from proceeding beyond crashing the app to actually doing widespread damage.To change the default handler for PDF files, select any PDF file in the Finder and then select Get Info from the File menu. Under the Open With section, select Preview.app and then click Change All.
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 1)
dan said 10:52AM on 2-20-2009
For anyone doing anything remotely grown up with PDFs I strongly recommend using Skim.
It's freeware and it's fantastic! Much better than Adobe's own effort.
Reply
grifmusic said 10:58AM on 2-20-2009
what? acrobat? what's that?
been using preview for years! sometimes Skim. they have different Mark Up tools.
Reply
Lalizig said 11:01AM on 2-20-2009
Shock. Bloatware has security flaws. Has anyone noticed that every new version is larger and larger? WHY would you ever use Acrobat anyway? Slightly better mark-up tools?
I have no sympathy for Acrobat users.
Reply
SlaunchaMan said 11:42AM on 2-20-2009
Lots of people are commenting with things like "Why would you ever use Acrobat?"
Well, for one, what if you want to make an encrypted PDF? What if you - gasp - LIKE Acrobat?
Don't get me wrong, I hate it. I'm a Mac sysadmin who has to deploy it. But this is a lot like saying, "Why would you ever use Windows?" Sure, you can prefer Mac OS X or other UNIX-based systems, but if someone prefers Windows, hey, that's their right.
Anyway, to speak to the main point: Adobe software tries to be all things to all people. Heck, they even made Acrobat into a word processor. It's completely unsurprising that this would happen. I'm going to disable JavaScript in Acrobat on our systems until the security hole is fixed... or until the next flaw is discovered.
Reply
bryan said 12:18PM on 2-20-2009
I think for the average user, they're right, "Why would you ever use Acrobat?" 90% of users probably use 10% of the features.
But on top of things like encrypting a PDF, Acrobat Pro has tons of features that publishers, designers, and printers use on a daily basis, and many of them rely on the JavaScript engine built into Acrobat.
I work for a major publisher and a few months ago I got a survey from Adobe asking how much of an impact it would be if they were to remove certain features, including JavaScript and AppleScript support. I really hope Adobe fixes this vulnerability instead of seeing it as a reason to remove JavaScript support from Acrobat!
Tyler Whitworth said 12:40PM on 2-20-2009
Well, I like Acrobat, it's nice and all and useful. However I avoid using it most of the time because it's just so slow compared to preview or Skim. As far as encrypting a PDF File goes, I believe the freeware program PDF Lab does a pretty good job at that. (as well as decrypting and a bunch of other cool stuff)
Reply
chris.coff.eepor said 12:40PM on 2-20-2009
I've been using skim for a while now
Reply
scott said 12:55PM on 2-20-2009
As a web developer I use Acrobat Pro every day for clients. I create lots of PDF files that need to be optimized & encrypted for the web. That being said I use Preview for reading PDF files I get.
Reply
Nigel said 4:03PM on 2-20-2009
For publishes, Acrobat Pro is good. But for the end user, Acrobat is the shiits. Preview I use to read PDFs, Acrobat Pro to make em.
Reply
kevin said 10:12AM on 2-24-2009
to clarify, why would anyone ever use Acrobat Reader? The Acrobat program, for creating PDFs, fine, but the reader is horrendous and not needed on OS X, Windows or Linux.
Reply