June 26, 2013
Within Europe and indeed elsewhere, digital signature technology is a valuable tool for conducting secure transactions via electronic documents. For years now, Adobe has invested in making such technology readily available to all citizens through the free Adobe Reader and Acrobat. This includes working with the European Telecommunications Standards Institute (ETSI) to develop the technical specification for PDF Advanced Electronic Signature (PAdES) – that was incorporated into Adobe Reader and Acrobat in 2009 – and developing the Adobe-Approved Trust List (AATL). The AATL that is also part of the hundreds of millions of instances of Adobe Reader and Acrobat out there today helps ensure qualified certificates issued by Certification Service Providers can validate digital signatures without having to always manually import and manage certificates (although that option is still possible).
The Standards team at Adobe see the next logical step of this technology to be the integration of the EU Trust List into Adobe Acrobat and Reader software. To help explain this to our customers and followers, and what ETSI’s June 19 announcement of Trusted Lists means, check out this article written by Adobe’s Steve Gottwals, Group Product Manager and John Jolliffe, Senior Manager for European Government Affairs.
As always, if you have any comments or questions, please let us know.
June 21, 2013
In the Adobe Reader and Acrobat 11.0.03 patch, we introduced the signature field detection capability which identifies documents that the user may need to sign. Unfortunately, the signature field detection algorithm is finding some false positives and displaying the signature field detected message when it should not. We have been following the discussions on our user forums, and understand the inconvenience it has caused for some users who encountered falsely identified documents. We do apologize.
Users can quickly hide the message bar that appears for a document by clicking the icon on the left of the message bar. IT professionals and others familiar with working with registry settings can follow the instructions provided in the version 11.0.3 release notes to disable this message.
We are diligently working on improvements for the signature field detection accuracy. We are also planning to add the ability for users to turn off the signature detection message more easily. We hope to bring the improvements to you soon. Stay tuned.
9/10/13 UPDATE: The auto-detect signature field feature is disabled by default. Please see 11.0.04 Update Release for more info: http://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotes/11/11.0.04.html#elevenzerozerofour
Most desktop software applications rely upon a number of components within and beyond the operating system. For this reason installing, updating, and uninstalling these applications should go smoothly, and most do. On rare occasions a user may not be able to complete these tasks due to some registry or file conflict or permissions issue on the machine.
The Adobe Reader and Acrobat Cleaner Tool for Windows is designed to help IT and support professionals fix such issues and enable the successful installation of subsequent new installs or updates. It does so by removing standalone installations of these products (for version 9 and higher), including removing corrupted files, and removing or changing permissions on registry entries, even after a standard uninstall. The tool also provides options for removing problematic Acrobat items only while leaving Adobe Reader untouched, and vice versa, so that workflows are not broken. Additionally, it has both a user interface and command-line mode, both of which are documented.
You can download this tool for free from the Enterprise IT Tools for Adobe Acrobat and Reader page
on Adobe Labs. Please note that although we are releasing these tools free of charge, like other technologies on Adobe Labs, they do not come with an official support program.
May 17, 2013
You’re an IT professional. You’re responsible for ensuring software deployment happens correctly, securely and consistently. You may be responsible for configuring and then locking down what users can do on their machines. You may even be responsible for making sure the boss can update their “I like to appear in the background on TV” fan page wherever they may be. If all that sounds like your area of expertise (although you might want to find someone else to help with your bosses online and public habits), and if Adobe Reader XI and Acrobat XI are on the list of software applications that need to be installed on several (sometimes tens of thousands) desktops, then you need to get to know the Adobe Customization Wizard. The Customization Wizard allows you to configure and lockdown the Adobe Reader XI* and Acrobat XI* installation options prior to deployment via a simple UI. Sure, you could tweak installation tables and plist files, but this free tool makes all that work so much easier and faster. What kind of options are we talking about here? Not just things like pre-accepting the license agreement, or which features get installed, but also powerful controls such as configuring and locking down the many application security controls, tweaking preferences, including custom Actions and Tool Sets, determining how the software should be updated, and much more.
You can get all the juicy details on the Customization Wizard from the documentation that is part of the Enterprise Toolkit for the Acrobat family. Speaking of updates, the Customization Wizard was just updated itself with numerous bug fixes for installation configuration to help deployments go that much smoother. You can download the Customization Wizard for Windows and Mac OS X. If you have any questions about Customization Wizard, then feel free to send us a comment here or better yet, post to the Acrobat and Reader Enterprise Deployment forum. * Customization Wizard is also available for Adobe Reader X and Acrobat X too. If you need to configure those versions, please use the version of Customization Wizard specific to that Acrobat family version.
May 14, 2013
Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.02) and earlier versions for Windows and Macintosh, and Adobe Reader 9.5.4 and earlier 9.x versions for Linux. You can update your system to the latest versions from the built-in updater or by downloading the patch from the Adobe website. IT professionals can get more details on the update and deploying it from the Enterprise Toolkit for Acrobat products.
For more details please review the official security bulletin.
April 9, 2013
Cyber attackers today are intent on not only stealing data, but also crashing systems, damaging reputations, or just simply showing off their hacking prowess. As a result, businesses, schools and government agencies have to spend more resources to battle those attacks. It’s not only expensive from an IT perspective, but also in the potential loss of trust in that organization by their customers and constituents. A recent survey by PWC found that 28.6% of respondents claim their company suffered financial loss due to a security breach incident. That’s a worrying statistic for sure.
Universally-accepted file types – including PDF, unfortunately – are one of many ways these hackers gain entry to systems by embedding malicious code into the files. So choosing a PDF software application that fully uses modern mitigation techniques to reduce risk is obviously important. To help you understand the risks and evaluate a vendor’s approach to security, we have recently updated and published the white paper PDF Application Security – How to minimize your risk. It’s available for free from Adobe’s web site.
The white paper contains results of independent third-party testing on the entire Acrobat family of products, specifically related to security. Adobe Reader X and Adobe Acrobat X produced excellent results in security testing by implementing what security experts call a “defense-in-depth” approach within the software and as offered by the operating system. Adobe Reader XI and Adobe Acrobat XI have improved security and sandboxing even further, and Adobe continues to invest in security. This investment has helped reduce the need for out-of-cycle security updates. Note in the diagram below, Adobe Acrobat X only had two out-of-cycle security updates, while Adobe Acrobat 9 had seven. Deploying a software patch is a timely and expensive process, so we want to help IT professionals minimize those costs by reducing the number of out-of-cycle patches for the Adobe Acrobat family of products.
If you are considering PDF software based on the licensing cost, please be careful. The days of making software choices based on the quoted price alone – without thorough consideration of security – are long gone. You should be asking vendors about operating system mitigations built into their PDF software, processes in place for addressing security threats, and even how involved the vendor is with the broader security community. To get more details about all the ways the Adobe Acrobat family helps organizations do more with PDF, while also providing advanced security, lower costs, and easier software management, download and read the free white paper, PDF Application Security – How to minimize your risk.