Adobe's main products, and Java, are the biggest attack surfaces in an IT environment at the moment IMO. The days of Windows and/or the browser being the weak link are gone, but these threats adapt themselves to the user landscape.
Sent from my SR-71 Blackbird -----Original Message----- From: "Rod Trent" <rodtr...@myitforum.com> Date: Fri, 4 Nov 2011 15:29:44 To: NT System Admin Issues<ntsysadmin@lyris.sunbelt-software.com> Reply-To: "NT System Admin Issues" <ntsysadmin@lyris.sunbelt-software.com>Subject: RE: So...I need to pitch the Adobe upgrade In addition to what you have noted, you may also want to note that Adobe is one of the leading culprits for zero day, and probably have the most .xxxx's after their version numbers due to the number of times they have had to release security updates. http://secunia.com/advisories/vendor/4/ Might make sense, to sign-up for alerts on Secunia specifically for Adobe. From: David Lum [mailto:david....@nwea.org] Sent: 04 November 2011 17:35 To: NT System Admin Issues Subject: So...I need to pitch the Adobe upgrade We have at least 40 users who actually need the full version of Adobe Acrobat and potentially over 200. What I need to do is justify the cost to management and, being security related, means I have to come up with some kind of risk analysis to justify it. Can y'all help me with this? I am not great at thinking about the kinds of Q's management would ask. "Adobe has stopped support for version 8 of Adobe Acrobat (Reader, Standard, and Professional) this means they no longer are releasing security updates for this version. Currently we show an installed base of 250 systems which means we have this many systems that will become increasingly vulnerable. What are they vulnerable to? The malware a PDF can carry almost any kind of malware, virus, spyware, etc and is not limited to a "can only mess with other PDF's" kind of vulnerability. PDF's are a *very* common document exchange format, and a PDF file can deliver malware just as easily as visiting a website. In fact, opening a PDF from the Internet is the most likely form of compromise so the odds of compromise go up with each opening of a PDF file. It's worthy to note many PDF vulnerabilities are operating system agnostic - Mac and Windows machines are equally vulnerable. Our options are to leave the systems as-is and accept the risk of compromised systems, or to upgrade to the currently supported version of Adobe. In my opinion the potential security risk greatly exceeds the cost of upgrading the necessary systems to Acrobat X Standard which is fully supported with security updates until Nov 15, 2015" David Lum Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin _____ MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England Registered in England and Wales No. 402570 VAT Registration GB 100 1464 84 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin