You've got three days to patch Adobe Flash, Air, Reader Adobe has patched seven vulnerabilities in its Flash and Air platforms and one in Reader and Acrobat that is being exploited by attackers. The vulnerabilities could allow attacker to "take control of affected systems" dubbed critical by the company. Administrators were urged to apply the updates within three days on Windows, …
...but I just finally had to dump it for Adobe last night, despite the incredibly bad taste in my mouth. It just plain couldn't handle huge PDFs, leaving a black screen instead, and it was always slow as molasses at rendering complex PDFs anyway. It seems to have been largely abandoned, no performance updates for years, just little UI changes and bugfixes. But yeah, you can imagine how awesome it feels to have a critical update come out the day I switch over.
(The fact that it's now almost as spammy about upgrading as Adobe doesn't help.)
Firefox and chrome render most PDFs without need of plugins or local PDF readers. It amazes me how many users stick with ie.
For anything else you can get away with Sumatra, foxit or perhaps pdfxchange. I'm using foxit at the moment but preferred Sumatra and may go back. I'm not a heavy PDF consumer and have yet to find anything the above couldn't handle.
Have you tried chopping the problem file up using something like pdfsam?
+1 for Sumatra. I've been using it for a while and it seems to render everything without a hitch - except for the active documents but I'd rather they went away anyway. It is also fairly small and isn't bloated.
I can't comment on if it's secure or not though, who knows but as it just displays the static files (as far as I know) there should be less opportunity for problems.......
Unfortunately some companies send out active PDFs that require Adobe Reader. HMRC being one of them, it's a PITA having to set up the certificates and open up Adobe Reader to allow the forms to run.
Also some versions prevented you from uninstalling the toolbar see here:
http://www.wizcrafts.net/blogs/2010/04/the_foxit_pdf_reader_is_becoming_an_adware_sup.html
Also see the steps they went to to make you install the toolbar (after the version where they had installed it anyway)
I've been using PDF-XChange for a while now. I like the fact that it makes it explicitly clear that the free version is free for personal and commercial use, so that I don't have to be concerned about installing it for small businesses, and I have had one encounter with a "signed" form that did require the use of Adobe Reader instead, but generally the performance and functionality fo PDFXchange is more than satisfactory.
That was my experience with Foxit after years of using it with no issues.
One day a update arrived. I installed it.
A whole nest of adbars were installed on each browser I have on this system, FIrfox(primary)
IE hardly used and Chrome even less used.
In each case I found it impossible to totally remove the adbar. IT returned after reboots on Firefox,
and in the case of chrome I never did figure out how to remove it. IT always returned.
At the time I was using Norton Security, it was of course useless . That prompted me to install
Malware Bytes, it found the adware that it properly listed as a malware.
Removed it and I solved the problem. Note it did require a reboot and ANOTHER run of Malware
Bytes to totally eradicate.
I'll never use Foxit again. I've moved on to Sumatra. I have no idea if it is secure or not but
it works for the PDF's I read so far.
For those that say adbars addons like that are not malware, you are most likely part of the scum bag industry doing that sort of thing. It is malware if it acts like malware.
Still no centralised update management from Adobe for Flash or Reader. We tried doing it via GPOs for Flash, but the net result seems to be that on some computers Flash gets uninstalled entirely. Need a more reliable way (that does not involve setting up an SCCM infrastructure).
In all honesty I have actually never ever encountered problems rolling out Flash updates via GPO as long as you update version after version (missing out on a couple of versions can cause problems). Acrobat on the other hand is one royal pain in the arse.
If you download a 10.1.3* setup file of Acrobat for example you will actually notice that said setup file actually contains a 10.0 MSI followed by a 10.1 MSP and a 10.1.1 MSP and a 10.1.3 MSP. Or some such. Seriously. WTF? Then having to create an administrative install of this fucking unnecessary mess because Fuckobe haven't the slightest fucking clue on how to keep their base installers up-to-date. And forget about rolling out the MSP's individually. Almost never works. So every single time there's an update... extract setup, extract MSI to admin install, extract all the MSP's, run the Acrobat Customization Wizard for the 74th time to make sure nothing broke the MST... DEPLOY.
No such problems with Foxit.
*I probably made those version numbers up but you get the idea. It's been a while since I had to deal with this excuse of an application.
Even if you use a third party update tool, you can't actually turn off the inbuilt Adobe Updater for Flash. If you want to stop it checking for and offering updates you need to set the check time to a large number as well.
I found this after being offered updates after turning off auto-update.
I then found this article: https://forums.adobe.com/message/6250514
It's sad how the Windows package management and updating systems are so terrible unless one forks up mega cash for SSCM (and wants to deal with the extra complexity). Binary executable installers need to die but they are sadly an ingrained part of the Windows culture. Even MS Office (once a poster child for this) hasn't supported GPO/MSI deployment since 2007 which means writing ugly scripts to do all the work.
Believe it or not it is actually possible to roll out Reader and Flash via GPO but it's by no means straightfoward.
One small business setup I work with uses Ubuntu and these sorts of problems just don't exist as everything gets patched daily via Apt. It's pure bliss by comparison.
Unfortunately bundled with new computers and pumped out in group policies across the world.
Do yourself a favour... http://blog.kowalczyk.info/software/sumatrapdf/free-pdf-reader.html
Using Firefox? about:config... pdfjs.disabled = TRUE will be good for you as well. I got fed up of it hosing my browser when loading any PDF larger than 5MB.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
