View Full Version : Adobe acknowledges critical security flaw in software

June 7th, 2010, 06:36 PM

Check out this article posted on the BBC.

Apparently Adobe has discovered some critical software flaw in their Acrobat Reader and Flash Player that would allow hackers to "create a "booby-trapped Flash animation, or PDF" that would give them access to a person's computer". What is more, this bug obviously affects Windows, Mac AND Linux. Also acoording to the article, this bug is currently being actively exploited.

What do you guys make of this interesitng bit of information?

June 7th, 2010, 06:39 PM
I think this probably would have been found and fixed long ago if it was FOSS. Despite the FUD to the contrary Linus' law is one of the biggest problems with proprietary software.

June 7th, 2010, 06:45 PM
Adobe put active content in the PDF format a couple years ago. Big mistake.

We really some "safe" data formats, but the industry trend is to package active content with data now.

It will get a lot worse before it gets better. Oldtimers remember a day when you didn't NEED updates. Updates used to be bug fixes and adding of features. Today a higher and higher percentage are security issues because of the mixed data+executable model that is in play.

It's not just Adobe, but today Adobe is the #1 risk. It used to be Office documents (which also can contain active content).

At some point, there must line drawn in the sand to limit the mixing before nothing is safe.