also in the same area is a "cDefaultLaunchAttachmentPerms" and under that is a .bat (batch file)

surely this is also a threat ?

personally I dont want PDFs to launch anything

why dont they supply a registry file to download ?!

Because the key you edit contains other user-changeable preferences. Credit Adobe for storing this all in one key.

Hmm. I'm shuddering with trepidation, but I can't decide if I'm more worried about this security flaw or the idea of my elderly mother and her best friend poking around in her registry. In fact, the more I think about this, I think I'd prefer the flaw because it can't call me at 6 A.M. to report that there is a "blue screen of death" loading when she tries to start her computer. As is often the case, this issue will impact those with the least amount of technical knowledge most heavily, and the fix could cause more problems than it solves in this group of users. I think this position is irresponsible on the part of Adobe since an update like this should be made automatic in their software. They've had two weeks, and that's long enough to script an update to change a registry value. Oh well. Maybe Mom will make some cherry pie when I come over to fix her machine. Come to think of it, Adobe loses on this one since my mom makes the best cherry pie. :P

Yeah she does!

"In the meantime, it's advising Windows customers to edit their registry manually - which, as any system admin knows, is a dangerous proposition."

The registry is edited, read from, and manipulated thousands of times a session without issues. It's when apps that "tweak" it are let loose on the thing it falls apart.

Or people that do not know what they are doing.

I use Adobe Acrobat 5.0 and its not a problem in there. I looked at all the acrobat entries and it just didnt have any such setting. and they are not in policies in version 5. So I think this is limited to the bloated slow loading versions of adobe acrobat reader...

I just do not get the reason Adobe destroyed a perfect rpoduct and added all that DRM garbage to it. I can read anything with 5.0 and its very fast loading. The print to PDF feature makes pdf creation easy and effecient. Anymore people use 3rd party PDF tools to make their PDF instead of Acrobat because those 3rd party tools are so fast. Acrobat 5.0 is as well. so I am assuming anything higher is slow because of all the DRM and policy managment garbage in those versions...

It's actually unclear which versions are affected. It says 8.1 or earlier. Do they mean earlier versions of 8, or all earlier versions of the programs listed? I'm assuming this only applies to version 8.x, but that's not what it says.

If by "earlier versions", the mean all before and including 8, then this vulnerability has been out since the beginning of time.

matt2971: Foxit is a great alternative for casual PDF browsers, but do realize that for professionals who use PDFs for large brochures at high DPI, Adobe Reader does actually perform better and render the PDFs properly.

I'm a huge advocate for Foxit's success, but I still don't believe that it is time for Foxit to take on Adobe head to head as a full replacement.

Why doesn't Microsoft buy Foxit software already, and bundle it with Windows?

So many hours of my life, wasted, installing Adobe Reader.

Uh, because Microsoft is absolutely petrified to bundle ANYTHING with windows anymore that might harm competitors?

You got that right. As soon as they did, someone, meaning many, would be screaming "monopoly" again. Then the EU would want them to unbundle it, so the european community can load Adobe on it.

**Edit**
Then again, maybe the EU should go after Adobe.

Er, one word: Foxit.