Working with PDF documents in Windows has always been a bit of a pain. Most people end up downloading a copy of Adobe Reader, or if they are slightly more savvy the amazing and lightweight Foxit Reader. Microsoft Word 2010 gained the ability to output documents to PDF, however all of these tools have one thing in common; they are a one trick pony. According to LiveSide.Net, Microsoft Word 2013 won’t only be able to export PDF files, but it will be able to open, and even edit them.
If there were a mountain nearby, Mozilla and its team of programmers would be shouting from the top of it. They'll have to settle for cyberspace. What is it that has Mozilla so excited, you ask? Mozilla's programmers have been working on a Web-based PDF reader to replace those clunky third-party alternatives once and for all, and they just demonstrated the pixel perfect rendering of a brutal test file.
Google began shipping its Chrome web browser with a built-in PDF viewer almost a year ago, making it the first browser to have such a feature. In fact, it still continues to be the only one. This is quite strange, particularly because of the competitive nature of the browser market. But Mozilla is now getting ready to catch up with Google in this department. Hit the jump for more.
Google’s ebook store has finally stepped out of the realm of rumors and entered the real world. Matter-of-factly called the Google eBookstore, it is well stocked and supports a wide variety of devices, including PCs, smartphones, tablets and e-readers. According to Google, the store boasts the largest ebooks collection in the world with more than three million titles.
Since its Google’s ebook store, books are stored in the cloud and can be bought and read in it as well. Offline reading on Android and iOS devices is supported through native apps. As for e-readers, support is restricted to only those devices that are compatible with the Adobe eBook platform. While Amazon’s Kindle is not supported, Barnes & Noble Nook and Sony Reader are probably the most notable names on the list of supported devices.
Adobe on Monday issued another security advisory warning users of yet another zero-day bug in its software. This is the second time this month that the San Jose-based software developer has warned of a critical bug that is reportedly being exploited in the wild. While the first advisory, issued only a few days ago, warned of a critical bug in Reader and Acrobat, the latest warning pertains to a critical vulnerability in its Flash player.
“A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Android. This vulnerability also affects Adobe Reader 9.3.4 for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh,” the bug-inured company warned in the advisory.
“This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows. Adobe is not aware of any attacks exploiting this vulnerability against Adobe Reader or Acrobat to date.”
The company expects to provide patches for both the vulnerabilities within the next three weeks.
We know it's hard to believe, but your Adobe Reader and/or Acrobat software is in need of some patching. That's according to Adobe, which is warning users of a critical vulnerability affecting Reader and Acrobat versions 9.3.4 and earlier.
That's the bad news. The even even worse news is that the vulnerability, when exploited, could crash your machine and potentially allow an attacker to seize control, Adobe says. And the really bad news is that this vulnerability is being actively exploited in the wild.
Ready for the good news? Not so fast, we haven't covered the no-good terrible news. This nasty security hole -- the one the bad guys know about and are currently exploiting -- can't yet be plugged, though if it's any consolation, Adobe promises it's "in the process of evaluating the schedule for an update to resolve this vulnerability." Comforting, isn't it?
Alright, we're finally ready for some good news, and here it is. You don't have to use Adobe products to read those PDF files. One of our favorite free alternatives is Foxit's free Reader program available here.
What do you use to read PDF documents? Hit the jump and let us know.
The newest jailbreak for Apple's iOS platform has exposed a serious exploit that could allow a remote attacker to compromise the device. The exploit is present in all iPhones, iPads, and iPod Touches running version 3.1.2 and higher. The exploit doesn't even require any particular user intervention, just opening a malicious PDF document.
The user is just required to visit a web address in mobile Safari that will load a PDF document. The PDF contains malicious code hidden in a font. The font will cause a stack overflow, allowing the code to be run on the device. A hacker could conceivably do anything at that point. Anything from deleting files, to installing spyware in the background.
This is similar to an exploit early in the iPhone's existence that used TIFF images. But this time around there are many more iPhones in the world, so we expect Apple to take this pretty seriously. Users are cautioned to avoid any PDFs for the time being.
Adobe is no stranger to criticism. The company has consistently drawn flak for its piss poor security track record. In fact, it would be reasonable to believe that Adobe is inured to the constant castigation.
But it now seems to be making more serious efforts to plug the many holes in its software. Back in April, it introduced an automatic updater for its Acrobat and Reader products, giving it the ability to tackle critical security issues speedily. And now it has turned its focus to “sandboxing,” a security mechanism that involves running the concerned software in an isolated environment - the sandbox.
Initially, the new feature, dubbed “Protected Mode, will only be used to sandbox “write calls.” But a subsequent update will also help stave off exploit code that tries to copy sensitive information from the user’s machine. "In the first release, everything that is involved in rendering a PDF has to happen within the sandbox.”
Adobe expects to have the next version of Reader ready before the end of the year.
M86 Security Labs released a list of the top 15 most observed vulnerabilities for the first half of 2010 and, surprise-surprise, Adobe Acrobat & Adobe Reader (No. 1) and Microsoft Internet Explorer (No. 2) took the top two spots.
It wasn't enough to just take the top spots, Adobe Reader and Microsoft IE overachieved (underachieved?) by claiming nine out of the 15 slots, with four of them belonging to Adobe and five for Microsoft.
The list also indicates a growing focus on exploiting Java-based vulnerabilities.
"Java is the next low-hanging fruit for attackers," says Marc Maiffret, chief technology officer at eEye Digital Security.