Category Archives: Adobe

FOUR Free Alternatives To Adobe Reader Malware Magnet

image

FLASH – A critical vulnerability (March 14, 2011), exists in Adobe Reader, as well as Flash Player and Acrobat. But don’t worry, Adobe will address this issue during the week of March 21, 2011. (OK, enough sarcasm).

If you’re shaking your head and wondering if you’ve heard this before – you can stop wondering. The date might be different; the vulnerability might be different, but you have heard this before – unfortunately, not once before, but often.

The graphics below (courtesy of Secunia – the developers of Secunia PSI), convincingly illustrate why Adobe Reader is considered one of the most hacked pieces of  software.

Month by Month (so far) in 2011
The “Month by Month” graph below shows the number of issued Secunia advisories affecting Adobe Reader 9.x on a month-by-month basis.

Month by Month in 2010
The “Month by Month” graph below shows the number of issued Secunia advisories affecting Adobe Reader 9.x on a month-by-month basis.

While it’s true that Adobe releases patches and updates to close security holes, they generally appear long after the vulnerabilities have been discovered and used to maximum advantage, by cyber crooks.

If you continue to use Adobe Reader, make sure you install the latest version. Users who continue running older versions of Adobe software (not uncommon), is a major element in cyber crooks successful manipulation of this  application.

Better yet – don’t even consider running Adobe Reader. Instead, choose one of a number of much faster, more streamlined free applications.

Nitro PDF Reader

image

View, review, and create PDF files without compromise with the free solution PCWorld deemed “the most powerful free PDF reading and creation tool you can find…”

Fast facts:

Create PDF from 300+ file types

Comment, review, and collaborate on PDF files

100% compatibility with Adobe Acrobat and other common solutions

Fill, save, and submit PDF forms

Enable/disable JavaScript and control Web-based interactivity from PDF files

System requirements: Windows XP SP3, Vista SP2, Win 7 (x86 and x64)

Download at: Nitro PDF

Foxit Reader

Foxit Reader is a free PDF document viewer and printer. Small and fast, with a rich feature set.

image

Fast facts:

Incredibly small: The download size of Foxit Reader is only 2.1 M which is a fraction of Acrobat Reader’s 20 M size.

Fast: When you run Foxit Reader, it launches instantly. You are not forced to view an annoying splash window displaying company logo, author names and so on.

Annotation tool: Have you ever wanted to annotate, or comment on, a PDF document. Foxit Reader allows you to draw graphics, highlight text, type text and make notes on a PDF document and then print out or save the annotated document.

Text converter: You can convert the whole PDF document into a simple text file.

Security and privacy: Foxit Reader doesn’t connect to the Internet without your permission. Other PDF readers often connect to the Internet in the background.

System requirements: Windows 2003, Windows Vista, Windows 7, Windows XP, Windows 2000

Download at: Download.com

Cool PDF Reader

This viewer has many the features of Adobe Reader, but unlike Adobe Reader, Cool PDF Reader loads PDF files extremely fast. Conversion from PDF to text and graphics formats is included.

image

Fast facts:

View and Print PDF

Convert PDF to BMP, JPG, GIF, PNG, WMF, EMF, EPS

Extract PDF to TXT

Support PDF files of all versions

Work with 68+ different languages

Zoom in/out and Rotate page displays

Slide show PDF document with full screen

Small in size, only 650KB

System requirements: Windows 7, Windows Vista, Windows XP, Windows 2000, Windows Server 2008, 2003, 2000. (32-bit and 64-bit support)

Download at: Download.com

Sumatra PDF Viewer

Sumatra has a minimalistic design, with its simplicity attained at the expense of extensive features. Sumatra takes up little disk space with an installed size of only 1.2MB, whereas Adobe Reader requires 335 MB of available disk space.

image

Fast facts:

Sumatra PDF is a slim, free, and open-source.

Portable out of the box. Doesn’t write to registry.

Sumatra has a minimalistic design – simplicity has a higher priority than a lot of features.

It’s small and starts up very fast.

Hyperlinks embedded in PDF documents are supported.

Sumatra is multilingual, with 20 community-contributed translations.

System requirements: Windows 2000/XP/Vista

Download at: Download.com

Additional free PDF applications recommended by readers include:

Nuance PDF Reader

PDF-XChange Viewer

Both Foxit and Sumatra, are also available as portable versions from portableapps.com.

If PDF conversion is one of your considerations, then take a look at the free online conversion services offered by Nitro PDF Software – including Word to PDF, PDF to Word, HTML to PDF, and PDF to Excel.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

23 Comments

Filed under 64 Bit Software, Adobe, Application Vulnerabilities, cybercrime, Don't Get Hacked, downloads, Free PDF Software, Freeware, Internet Security Alerts, Portable Applications, Productivity Software, Software, USB, Windows Tips and Tools

Adobe Lightroom Release Candidate 3.4 Cleared For Download – Save $299, Maybe

imageIn the past, running beta and release candidate software could be challenging. But, I’ve noticed in the last year or two, that beta, and more particularly release candidate software, can often be as stable as the final release. It may well be, that Microsoft raised the bar for both beta, and release candidates, with reasonably flawless releases of Windows 7 in both these formats.

Adobe, well known for its very expensive, though admittedly highly sophisticated applications (with high production costs), has just cleared release candidate 3.4 of its Photoshop Lightroom 3, for download.

Adobe’s definition of a release candidate

A “release candidate” label indicates that this update is well tested but would benefit from additional community testing before it is distributed automatically to all of our customers. The Lightroom 3.4 update includes support for many new cameras and lens profiles.

If you’re unfamiliar with Lightroom, try this description I came across not too long ago – “For the uninitiated, Lightroom is Photoshop’s specialized sibling; where Photoshop is an imaging Swiss Army Knife, Lightroom is a steak knife for photographers.”

A little confused? I must admit – so was I. So, try this definition from Adobe –

Adobe Photoshop Lightroom 3 software unites your digital photography essentials in one fast and intuitive package. Create something beautiful. Express your vision. Move your audience.

Lightroom gets you there with the tools you need to create great images, manage all your photographs, and showcase them with style and impact.

If you’re a high level photographer, or you have aspirations in that direction, you might consider downloading this release candidate. There’s no guarantee that this is a perfectly flawless application, but if it’s relatively so, you just might save yourself $299 USD.

Personally, I’ve taken advantage of this offer and plan to test drive Photoshop Lightroom 3.4 in the coming weeks.

System requirements:

Windows –  XP with Service Pack 3, Vista (32 bit and 64 bit); Windows 7 (32 bit and 64 bit), 2GB of RAM, 1,024×768 display

Mac OS – OS X v10.5 or v10.6, 2GB of RAM, 1,024×768 display

Languages: Brazilian Portuguese, Chinese Simplified, Chinese Traditional, Dutch, English, French, German, Italian, Japanese, Korean, Spanish, Swedish.

Check it out at: The product page.

Download at: Adobe Labs

As with all beta, or release candidates, take sensible precautions prior to installation. This should include setting a new restore point.

Note: The application installed with no difficulty on my test system.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

13 Comments

Filed under 64 Bit Software, Adobe, downloads, Free Photo Applications, Freeware, Image Editors, Mac, Mac OS X, Multimedia Tools, Photo Tools, Release Candidate, Software

Bounce Adobe Reader Malware Magnet – Three Free Alternatives

image

Without a doubt, Adobe Reader is one of the most hacked pieces of  software – ever. While it’s true that Adobe releases patches and updates to close security holes, they generally appear long after the vulnerabilities have been discovered, and then used to maximum advantage by cyber crooks.

On top of that, this application is the very definition of “bloatware” – slow to load, and packed with features the average user has no interest in.

If you continue to use Adobe Reader, make sure you are using the latest version. Better yet – don’t even consider this program. Instead, choose one of a number of much faster, more streamlined free application such as Foxit Reader, Cool PDF Reader, or Sumatra PDF Viewer.

Foxit Reader

Foxit Reader is a free PDF document viewer and printer. Small and fast, with a rich feature set.

image

Fast facts:

Incredibly small: The download size of Foxit Reader is only 2.1 M which is a fraction of Acrobat Reader’s 20 M size.

Fast: When you run Foxit Reader, it launches instantly. You are not forced to view an annoying splash window displaying company logo, author names and so on.

Annotation tool: Have you ever wanted to annotate, or comment on, a PDF document. Foxit Reader allows you to draw graphics, highlight text, type text and make notes on a PDF document and then print out or save the annotated document.

Text converter: You can convert the whole PDF document into a simple text file.

Security and privacy: Foxit Reader doesn’t connect to the Internet without your permission. Other PDF readers often connect to the Internet in the background.

System requirements: Windows 2003, Windows Vista, Windows 7, Windows XP, Windows 2000

Download at: Download.com

Cool PDF Reader

This viewer has many the features of Adobe Reader, but unlike Adobe Reader, Cool PDF Reader loads PDF files extremely fast. Conversion from PDF to text and graphics formats is included.

image

Fast facts:

View and Print PDF

Convert PDF to BMP, JPG, GIF, PNG, WMF, EMF, EPS

Extract PDF to TXT

Support PDF files of all versions

Work with 68+ different languages

Zoom in/out and Rotate page displays

Slide show PDF document with full screen

Small in size, only 650KB

System requirements: Windows 7, Windows Vista, Windows XP, Windows 2000, Windows Server 2008, 2003, 2000. (32-bit and 64-bit support)

Download at: Download.com

Sumatra PDF Viewer

Sumatra has a minimalistic design, with its simplicity attained at the expense of extensive features. Sumatra takes up little disk space with an installed size of only 1.2MB, whereas Adobe Reader requires 335 MB of available disk space.

image

Fast facts:

Sumatra PDF is a slim, free, and open-source.

Portable out of the box. Doesn’t write to registry.

Sumatra has a minimalistic design – simplicity has a higher priority than a lot of features.

It’s small and starts up very fast.

Hyperlinks embedded in PDF documents are supported.

Sumatra is multilingual, with 20 community-contributed translations.

System requirements: Windows 2000/XP/Vista

Download at: Download.com

Checkout yesterday’s postUsing Adobe Reader? – Then Watch This Video Of Your Computer Being Penetrated.

Additional free PDF applications recommended by readers include:

Nuance PDF Reader

PDF-XChange Viewer

Update: Regular reader AE S. advises, that both Foxit and Sumatra, are also available as portable versions from portableapps.com. Thanks AE.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Other readers mentioned by readers include (check the comments and post here).

10 Comments

Filed under Adobe, Application Vulnerabilities, cybercrime, Don't Get Hacked, downloads, Free PDF Software, Freeware, Software, System Security, Windows 7, Windows Tips and Tools, Windows Vista, Windows XP

Using Adobe Reader? – Then Watch This Video Of Your Computer Being Penetrated

imageThere is nothing particularly unusual in Adobe Reader having an unpatched vulnerability. If you use Adobe reader, you’re used to having to wait for Adobe to release another patch to correct another vulnerability.

Once the fix is released you’ll be safe – at least temporarily; but only until the next bug is discovered.

The latest bug in Adobe Reader, CoolType.dll, which was disclosed on September 10, won’t be patched until October 4. In the meantime, if you’re a user of this application, take a look at this YouTube video which illustrates just how easy it could be for a hacker to penetrate your computer system by exploiting this vulnerability.

image

Click on the graphic to watch the clip.

image

A big thank you to my Blogging buddy Dan Dieterle over at Cyberarms, for putting me on to this video. Dan has tested this exploit, and confirms that it works.

For additional information, checkout Dan’s article – Adobe Reader PDF 9.3.4 “Cooltype Sing” Zero Day Exploit.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

11 Comments

Filed under Adobe, Application Vulnerabilities, cybercrime, Don't Get Scammed, Don't Get Hacked, Internet Security Alerts, Malware Advisories, Online Safety, Video, Windows Tips and Tools

Panda Security’s July 31, 2009 Report on Viruses and Intruders

Courtesy of Panda Security. Panda Security’s weekly report on viruses and intruders.

This week’s PandaLabs report looks at the Koobface.EA worm, designed to spread using Facebook, the Pidief.A Trojan, which takes advantage of an Adobe vulnerability to infect users, and P2Pworm.BJ, a worm designed to steal information entered on online forms.

To spread via Facebook, the Koobface.EA worm publishes a video on the infected users’ Facebook page, for all their friends and contacts to see it. On trying to watch the video, users are redirected to a page similar to YouTube’s.

Then, they are asked to download an Adobe Flash version necessary to watch the video. This file is actually a copy of the worm.

To make the attack even more dangerous, the worm downloads another malicious code to the infected computer: the AntiSpyware Pro 2009 fake antivirus.

This malicious adware simulates a fake system scan detecting dozens of non-existing malware strains. Then, it offers users the option to eliminate them using a paid version of the fake antivirus. As you can see, the objective is to get financial returns from this malicious code.

image

The Pidief.A Trojan uses the Adobe CVE-2009-1862 vulnerability to infect users. The exploit takes advantage of a known vulnerability when trying to open a PDF document with an embedded flash object.

The Acrobat file viewer has a feature to run flash objects included in .PDF files. Thanks to the authplay.dll library, the file reader can open the flash viewer and display the content. In this case, the information sent to the viewer includes the instruction to download a malware file (Trj/Pidief.A).

Pidief.A can be used by its creator to download more malware to the affected computer, or to gain total or partial control of the infected system.

P2Pworm.BJ is a worm designed to steal the information entered on online forms through Internet Explorer and Firefox browsers.

The worm uses the following means to spread:

Peer-to-peer (P2P) file sharing programs: It creates copies of itself in the shared directories of several programs (Ares, BearShare, Emule, Imesh and Shareaza).

The users of these programs can access the shared directories remotely and download some of the files belonging to P2Pworm.BJ to their computers.

Removable drives: It copies itself to the RECYCLER folder of removable drives. Also, it creates an AUTORUN.INF file on these drives to run every time they are accessed.

MSN Messenger: It sends messages with a copy of itself to the user’s contacts connected at the time of the infection.

More information about these and other malicious codes is available in the Panda Security Encyclopedia.

You can follow Panda Security’s activity online on Twitter, and the PandaLabs blog.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

4 Comments

Filed under Adobe, Application Vulnerabilities, Don't Get Scammed, Don't Get Hacked, Interconnectivity, Internet Safety, Internet Security Alerts, Malware Advisories, Panda Security, PandaLabs, Peer to Peer, Rogue Software, social networking, Windows Tips and Tools

Adobe Reader and Adobe Flash Player Vulnerabilities Remain Unpatched

image You phone 911 to report an emergency in your home – a fire, burglary, accidental fall; I’ll let you use your imagination to expand on this list. While you’re imagining; imagine this – the 911 operator instructs you not to worry, help will arrive within a week or so.

Computer users running Adobe Flash player (versions 9 and 10), as well as Adobe Reader and Acrobat 9.1.2, are currently subject to attack by cyber-criminals capitalizing on a zero-day vulnerability, and find themselves in an analogous position.

This is an extremely serious vulnerability which could result in a successful takeover of an attack victim’s computer through remote code execution. Like the 911 operator above, Adobe’s response to this vulnerability is, don’t worry we’ll get to you, we’ll fix it – just not now.

According to Adobe:

“We are in the process of developing a fix for the issue, and expect to provide an update for Flash Player v9 and v10 for Windows, Macintosh, and Linux by July 30, 2009 (the date for Flash Player v9 and v10 for Solaris is still pending). We expect to provide an update for Adobe Reader and Acrobat v9.1.2 for Windows, Macintosh and UNIX by July 31, 2009.”

To read the rest of Adobe’s response checkout “Security advisory for Adobe Reader, Acrobat and Flash Player”, at the Adobe site.

If you are like most computer users, you were probably only minimally interested in installing the latest updates of Adobe products since you may not have been aware of the important security patches they contain. In fact, you may not be aware of how important it is to keep all installed applications up to date, and patched.

Save yourself a lot of time and aggravation, and ensure that all your installed applications are always patched and up to date, by installing Secunia PSI, a free application which scans your PC for installed application vulnerabilities. In this case, it would have notified you of the Adobe vulnerabilities.

image

Without Secunia PSI installed, you leave yourself open to attacks and exploits that seem to be increasing in frequency.

image Consider this from ZDNet:

Ten free security utilities you should already be using –
Number one is the Secunia Personal Software Inspector, quite possibly the most useful and important free application you can have running on your Windows machine.

For more information on Secunia PSI please read “Play Russian Roulette – Don’t Update Your Applications”, on this site. This review of Secunia PSI includes download links.

In the meantime: Steps you can take while waiting for Adobe to issue these critical patches –

As always, be cautious when browsing untrusted websites

Ensure your AV definitions are current

If you are running FireFox you should be running the NoScript add-on, and you might consider installing and running the Flashblock add-on. Both offer substantial protection. This solution is not perfect however, and you may still be vulnerable.

Run all software as a non-privileged user with minimal access rights.

Frankly, I do not use, nor would I ever use, an Adobe product on any of my systems. These zero day exploits against Adobe products seem to be never ending.

To read a comprehensive technical report on this issue, check out “Heap Spraying with Actionscript – Why turning off Javascript won’t help this time”, on the FireEye Malware Intelligence Lab site.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

5 Comments

Filed under Adobe, Application Vulnerabilities, Don't Get Hacked, Firefox Add-ons, Free Anti-malware Software, Freeware, Internet Safety, Malware Advisories, Online Safety, Security Rating Applications, Software, System Security, Windows Tips and Tools