It's not like many other vendors are getting rid of automation and similar functionality.
The problem is the Adobe won't concede to allowing such functionality to be configured as OFF, should an Admin or Organization deem it desirable. Given that such a large environment allows its user population to run as local admin, it's not surprising what issues they present for other enterprises... [1] *ASB *(My XeeSM Profile) <http://XeeSM.com/AndrewBaker> *Exploiting Technology for Business Advantage...* * * Signature powered by WiseStamp <http://www.wisestamp.com/email-install> [1] I have this info on very good authority... On Tue, Jul 20, 2010 at 6:13 PM, Ziots, Edward <[email protected]> wrote: > Rod, > > You might actually hit the nail on the head. Adobe has been on the > threat landscape for years due to the number of flaws and attack vectors > in there products, but because it's a very popular product ( despite all > the flaws) and how its being utilized in the business and consumer > worlds, therefore the same way that M$ came to the plate and improved > their security because of the criticality of the Windows Systems in the > business and consumer worlds, Adobe needs to do the same, or face the > music and loose customers, and profit and ultimately die off to a better > solution which is more secure. > > But the problem is defintely, organizationally in my honest opinion, if > the secure development of software and all the processes and procedures > of how that is done that need to be understood and practiced accordingly > is the responsibility of senior management and enforced all the way down > through the chain, which doesn't seem to be done at adobe, which is a > shame.... > > Z > > Edward E. Ziots > CISSP, Network +, Security + > Network Engineer > Lifespan Organization > Email:[email protected] <email%[email protected]> > Cell:401-639-3505 > > > -----Original Message----- > From: Rod Trent [mailto:[email protected]] > Sent: Tuesday, July 20, 2010 6:03 PM > To: NT System Admin Issues > Subject: RE: New sandboxing ability added to next version of Adobe, is > it honestly too late? > > "... so why not strip that from running within the product and eliminate > a > big security threat." > > Over the years, I've come to the conclusion that their dev really > doesn't > know what they are doing. I really don't think they can figure it out. > > -----Original Message----- > From: Ziots, Edward [mailto:[email protected]] > Sent: Tuesday, July 20, 2010 5:52 PM > To: NT System Admin Issues > Subject: New sandboxing ability added to next version of Adobe, is it > honestly too late? > > http://www.computerworld.com/s/article/9179403/Adobe_to_beef_up_PDF_secu > rity_with_Reader_sandboxing?source=CTWNLE_nlt_pm_2010-07-20 > > Kinda looks like they know there software is insecure, and the patching > is a > loosing race, so they are trying to use sandboxing a > corrective/detective > control to prevent the nasty that can come of using adobe PDF's. > Honestly, > only of the biggest attack targets is javascript, so why not strip that > from > running within the product and eliminate a big security threat. > > I understand that the same scripting languages can be used for good or > evil, > but honestly, the line has to be drawn somewhere, that and packed PDF's > with > malicious .exe's and other malcode in them are the next step, sure the > sandbox will help, but what if the sandbox becomes compromised or > breached > itself. > > Ideas, and thoughts, either way are welcomed... > > Z > > Edward E. Ziots > CISSP, Network +, Security + > Network Engineer > Lifespan Organization > Email:[email protected] <email%[email protected]> > Cell:401-639-3505 > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
