[montgomery_burns]

Cog3125 said:

Well, yes, but to be fair, Microsoft has had so much more experience needing to do so. Practice does tend to bring down turnaround time. ;-)

And Macs don't have viruses because virus writers don't bother to target such an insignificant market share as the Mac. ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-)

[montgomery_burns]

So everyone is trashing Adobe for "taking its sweet time to get a patch out the door." But when articles are published about Apple taking too long to patch security issues in Mac OS, Apple defenders get all bent out of shape.

[hillstones]

jinx101 said:

I'm starting to think Adobe just isn't that great. They can't bring Flash to the iPhone, they can't patch a critical vulnerability for 3 weeks?! I mean, come on, even Microsoft usually gets critical patches out in a week.

Most vulnerabilities on all OS's come from third party software, that's no surprise. You'd think however that a major company like Adobe would have their stuff together to act sooner than later.

Adobe could bring Flash to the iPhone, unfortunately, the iPhone isn't the best platform for Flash. Flash Lite will run on smartphones running Windows Mobile, and Flash 10 will be available on those same smartphones next year. Since Steve Jobs expressed his hatred for Flash, it is no wonder we haven't seen Flash on the iPhone, and probably never will.

Now if all websites included a Non-Flash version, then Flash would not be needed, ever. Unfortunately, most sites don't offer a Non-Flash version.

[CharlesBecker]

"But when articles are published about Apple taking too long to patch security issues in Mac OS, Apple defenders get all bent out of shape." If you check the Apple user forums on the Apple site, I think that you'll find that what Mac users get all bent out of shape about is the length of time it takes to get the problem fixed and the lack of information given out cb

[Cog3125]

montgomery_burns said:

And Macs don't have viruses because virus writers don't bother to target such an insignificant market share as the Mac. ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-) ;-)

LOL! Ah yes, an old chestnut, but a goodie, Monty.

And don't forget: Steve Ballmer is disdainful of small market shares. We certainly don't want to incur his disdain, now do we? Sounds like a good reason to "be a PC" to me:

"Hey everybody! Let's all run out in that big asphalt covered field with the giant neon orange target painted in the middle where the passing bombers will be more likely to notice us. It can't help but be a good idea: 90% of the population is doing it!" :-D

[gilli2]

Adobephile, your second link does not work, but thanks for the first one. I would never be without the most up-to-date Adobe Reader, especially for presentation of illustrated stories. Much more superior than Preview.

[DPG4450Guy]

I hate the constant inaccurate phrase "could allow ... to take over control of your computer."

That's not what is going on, and I'd like MacWorld (and other zines) to more accurately publish exactly what the exploit CAN do ... and what it most certainly CANNOT.

[Dan Moren]

DPG4450Guy said:

I hate the constant inaccurate phrase "could allow ... to take over control of your computer."


That's not what is going on, and I'd like MacWorld (and other zines) to more accurately publish exactly what the exploit CAN do ... and what it most certainly CANNOT.

From Adobe's own security bulletin:

This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system.

What about that phrase was inaccurate?

[n4hhe]

I agree with Dan in differing with DPG4450Guy. The statement is accurate. What its saying is that a new means of assuming control over the CPU's PC (Program Counter) has been uncovered. After this, one is almost in kiddie-script land as all one has to do is insert tried and true trojan code in the data and tweak the known vulnerability to jump to that code.

In other words, a way has been found to crash an application. Now all that remains is the relatively easy process of tuning data so that the CPU crashes into trojan code rather than run off in the weeds.

The statement says a vulnerability has been discovered. The next stage of exploiting the vulnerability is rarely reported because it will be exploited in a few days.