[Donna]

Summary

Adobe is aware of a recently published report of potential vulnerabilities in Adobe Reader and Acrobat. These vulnerabilities would cause the application to crash and could potentially allow an attacker to take control of the affected system.

Affected software versions

Adobe Reader 7.0.0 through 7.0.8 and Adobe Acrobat Standard and Professional 7.0.0 through 7.0.8 on the Windows platform when using Internet Explorer. Users of other browsers are not affected.
Solution

The Secure Software Engineering team is working with the Adobe Reader Engineering team on an update to Adobe Reader and Acrobat 7.0.8 that will resolve these issues, which is expected to be available in the near future. A security bulletin will be published on http://www.adobe.com/support/security as soon as that update is available.

The upcoming version of Adobe Reader, which will not be vulnerable to this issue, is also expected to be available in the near future. Acrobat 8 is not affected by this issue. The vulnerability is in an ActiveX control used by Internet Explorer; users of other browsers are not affected. The following workaround will prevent these vulnerabilities from occurring in Adobe Reader 7.0.X on Windows using Internet Explorer:

• Exit Internet Explorer and Adobe Reader.
  
• Browse to <volume>:\Program Files\Adobe\Acrobat 7.0\ActiveX. Note: If you did not install Acrobat to the default location, browse to the location of your Acrobat 7.0 folder.
  
• Select AcroPDF.dll and delete it.

NOTE: This workaround will prevent PDF documents from opening within an Internet Explorer window. After applying this workaround, clicking on PDF files within Internet Explorer will either open in a separate instance of Adobe Reader or the user will be prompted to download the file, which can then be opened in Adobe Reader. This workaround may disrupt some enterprise workflows and use of PDF forms.

http://www.adobe.com/support/security/advi.../apsa06-02.html

[Guitar Man]

I don't use Acrobat. But I do use Adobe Reader version 7.0.8 with IE6. And a while ago, I read that one should disable showing the PDF file in an open browser window (for reasons I can't remember right now), and made the change then. (Open Adobe Reader, go to Edit>Preferences>Internet, and clear the appropriate box.)

Am I still vulnerable ? On top of that, AcroPDF.dll in that folder mentioned in this workaround does not exist. I don't recollect having deleted it either.

For now, I've subscribed to the Security Notification Service. And thanks for the heads up, Donna.

[Donna]

I also don't have the said .dll file they mentioned. It could be because, like you, I didn't allow Adobe Reader (freeware) to open a .pdf file in a browser.

We're not affected

Yes, it's good to receive alerts on items that we are using. I'm subscribed with them for a long time. I don't receive any spam (promotion on their products). Just the security advisories

[guest]

I'd much rather use Foxit.

* Really QUICK load

* No tracking cookies

* Annotation tool: Have you ever wished to annotate (or comment on) a PDF document when you are reading it? Foxit Reader 2.0 allows you to draw graphics, highlight text, type text and make notes on a PDF document and then print out or save the annotated document.

* Text converter: You may convert the whole PDF document into a simple text file.

* High security and privacy: Foxit Reader highly respects the security and privacy of users and will never connect to Internet without users' permission. While other PDF Reader often silently connects to the Internet in the background. Foxit PDF Reader does not contain any spyware or adware

* Interactive form filler: Now you don't have to print out PDF forms first and then manually fill out paper forms. Instead, you can use PC to fill out interactive forms directly, and then print them out, save them, email them or export the form data into FDF file for further processing.

* Multi-language UI that can be dynamically switched: The user interface of Foxit Reader now can be switched to different languages dynamically, thanks to the generous help from our user community.
* On-demand download of add-on: With add-ons, the function of Foxit Reader can be extended unlimitedly. * Advanced feature modules and seldom-used modules are packed as add-on to be downloaded when needed.

* Self-upgrade: In the past, when you want to upgrade Foxit Reader, you have to frequently visit Foxit website, check for new release, and then manually download the new version, uninstall the old version and re-install the new version. Now this whole process is simplified and you only need to click on the menu item "Check for update now".

* Javascript support: Advanced users are able to use Javascript to create complex logic for PDF forms, to validate user input and process data.

* Improved printing speed: Printing a PDF file with many images on it to a PostScript printer used to be slow. Version 2.0 has been optimized for such printing.

* Streamlined UI: Version 2.0 comes with a neat UI. Annotation tool buttons are grouped together and no longer being showed on several toolbars.

http://www.foxitsoft...df/rd_intro.php

[hewee]

I am happy that Adobe Reader was never installed on this drive.

Foxit is what I have and it's fast to open and easy to use.

[guest]

hewee, on Nov 29 2006, 04:39 PM, said:

I am happy that Adobe Reader was never installed on this drive.

Foxit is what I have and it's fast to open and easy to use.

Foxit

[hewee]

YoKenny, on Nov 29 2006, 01:52 PM, said:

hewee, on Nov 29 2006, 04:39 PM, said:

I am happy that Adobe Reader was never installed on this drive.

Foxit is what I have and it's fast to open and easy to use.

Foxit

You bet and you know going here http://www.neednewpc.com/ to see the movies would of opened Adobe Reader I bet. I had Adobe Reader on my other drive and did everything to turn off the plugin and made Foxit my default but if you clicked any .pdf file when online darn if I did not have to wait around for Adobe Reader to open so I could close it and I hated that.

[Celtic Ferret]

Although I haven't tried Foxit yet (but will on everyone here's recommendation), a pdf viewer I've used a lot in the past (and still use) is GSView. GSView will occasionally display pdf files that Adode won't touch, and I hate the resources that Acrobat demands.

Quote

GSview is a graphical interface for Ghostscript. Ghostscript is an interpreter for the PostScript page description language used by laser printers. For documents following the Adobe PostScript Document Structuring Conventions, GSview allows selected pages to be viewed or printed. GSview requires Ghostscript. GSview is available for Windows, OS/2 and Linux.

GSview was written by Russell Lang at Ghostgum Software Pty Ltd.
Ghostscript was originally written by Aladdin Enterprises and is now maintained by artofcode LLC and Artifex Software.

http://www.cs.wisc.edu/~ghost/gsview/
Ghostscript Website - http://www.ghostscript.com/awki

GSview 4.8
http://www.cs.wisc.e...sview/get48.htm

It doesn't have Adobe's slick interface or bells & whistles, but I have had it occasionally open pdf files that bombed Acrobat, so that earns it a place in my toolbox.
--CF

[hewee]

Foxit is small and used to even fit on a floppy but got a little bigger so will not now.
But it is still small and opens very fast. Also it is just the one file that you unzip and run without needing to install it. So just make a folder for it and if you install some of the add-ons it will put them in the same folder so you can keep it all in one place in the same folder that way.