Recently in Security Category

Acrobat and Reader X certified by JITC

| No Comments
Share

If you’ve been thinking about using PDF for digital signature workflows, you’ll be happy to know that Adobe Acrobat and Reader X have been certified by the US Department of Defense’s Joint Interoperability Test Command (JITC) for their compliance with the DoD’s application requirements for Public Key Enabled services, e.g digital signatures. The testing included intensive, comprehensive evaluations of Acrobat and Reader’s capabilities in:

  • Certificate operations
  • Signature and certificate status validation
  • Path processing and validation
  • Configuration and documentation

Read official JITC list of software and solutions that have been tested for Public Key Enabled compliance.

Adobe Reader 8 and Adobe Acrobat 8 End of Support

| 2 Comments
Share

Just yesterday, I posted on the need to keep your software up to date to avoid security problems and vulnerabilities. Today, a new technote came out reminding you that support for Adobe Reader 8.x and Adobe Acrobat 8.x will ends very soon.

Adobe provides five years of product support, starting from the general availability date of Adobe Reader and Adobe Acrobat. In line with this policy, support for Adobe Reader 8.x and Adobe Acrobat 8.x will end on November 3 2011.

End of Support means that Adobe no longer provides technical support or distributes runtimes. This policy affects product and security updates for all derivatives of a product or product version (localized versions, minor upgrades, operating systems, dot and double-dot releases, and connector products.)

You can read the whole technote here or I can save you the trouble and summarize. Upgrade… as quickly as possible.

There are three key, IT related, reasons to upgrade to Acrobat X or Reader X; end-of-support is just the first. The other two are the Protected View/Mode or “Sandboxing” and support for SCCM deployment and SCUP maintenance. You can read more about these technologies at the related articles below.

Our First SCUP Catalog for Acrobat and Reader X is Here
Introducing Adobe Reader Protected Mode

Adobe Reader and Acrobat X (10.1.1), 9.4.6 and 8.3.1

| No Comments
Share

In case you missed it last week, we announced the availability of Adobe Reader and Acrobat X (10.1.1), 9.4.6 and 8.3.1.

Steve Gottwals, Group Product Manager for Adobe Reader, wrote the following about the releases.

EchoSign for Adobe Reader
With Adobe Reader X (10.1.1), you can now click on the EchoSign link directly in Reader and you’ll be taken straight to the EchoSign page where you can start signing, sending and tracking your PDF documents. The entire signature process from the request for signature to the distribution and execution of the form or agreement is done online. The EchoSign signature service provides a secure subscription-based service to individuals, SMBs and enterprise customers. It enables real-time visibility into the signature process and automatically storing and managing all signed documents. We expect it will make electronic signatures the common way for people to sign documents.

Adobe Reader X(10.1.1) UI Enhancement
As we add new services, like EchoSign mentioned above, you will notice that the Reader UI has enhanced tools panes as well. Instead of “Comment” and “Share”, we have now re-organized them to hold “Tools” and “Comments”. These enhancements not only allow for better expansion in the future, they also provide a better user experience when accessing Reader’s advanced capabilities as tested with our end-users.

Adobe Reader and Acrobat Version 8 End of Support
As a reminder to the previous blog post: Adobe Reader and Acrobat Version 8 End of Support, Adobe provides five years of product support from the general availability date of Adobe Reader and Adobe Acrobat (Windows and Macintosh – Note: Adobe only supports the most recent major version of Adobe Reader for Linux Version 9.x). In line with that policy, support for Adobe Reader 8.x and Adobe Acrobat 8.x will end on November 3, 2011.

For more information regarding the security details in these releases, please see Security Bulletin APSB11-24. For detailed Release Notes, please see the Release Notes Library.

Share

In the past two weeks, it has come to light that Dutch certificate authority DigiNotar suffered a serious security breach in which a hacker generated more than 500 rogue SSL certificates and had access to DigiNotar’s services, including many that were relied upon specifically by the Dutch government for key citizen and commercial services. The full extent of the attack is still not clear.

Last week, many of the major browser vendors removed DigiNotar certificates from their list of trusted certificates, and in turn, the Dutch government renounced trust in DigiNotar and took over certificate operations at the company.

Read what this means for Adobe customers at the Security Matters blog

Can Acrobat PDF Redaction be Trusted?

| No Comments
Share

Mark Niemann-Ross, Adobe certified expert on Acrobat Professional, provides some pointers to anyone concerned with protecting their confidential information using the redaction tools in Acrobat. He discusses another example of where the right tool for the right job can save you embarrassment and possibly a legal troubles.

Read Can Acrobat PDF Redaction be Trusted?

Share

A new TechNote has been published that is a rapidly evolving portal for administrator-centric documentation and tools that provides:

  • A formal enterprise administration guide in PDF format.
  • Comprehensive details about enterprise deployments, configuration, and security.
  • A living list of new topics added to the admin guide.
  • Links to other major admin-centric libraries.
  • Links to Tools

This is an excellent resource for anyone who needs to administer deployments of Adobe Acrobat and Reader. Go to the link below and bookmark it!

Check out Enterprise Administration of the Acrobat Family of Products

Every Registry Setting in Acrobat and Reader Demystified

| No Comments
Share

Introducing the Administrator’s Information Manager for Acrobat (AIM). This tool is designed to help enterprise administrators configure, deploy, and manage clients and workflows that leverage the PDF platform.

AIM contains the Preference Reference, a preference dictionary for Acrobat products. The Preference Reference for Acrobat and Adobe Reader is organized by preference path and name, and its structure is identical to the Windows registry. Each top level name is expanded into a user-friendly name. However, by using the Table of Contents, you can search by keyname, friendly name, or subfeature friendly name. The quick and full indices as well as the other pages should make needed information quickly accessible.

Every Registry Setting in Acrobat and Reader Demystified

Workflow Fixes with Enhanced Security Enabled

| No Comments
Share

As of the 9.3 and 8.2 updates, enhanced security is automatically enabled by Adobe Reader. Because enhanced security restricts certain features and document behavior, some users may encounter broken workflows or unfamiliar dialogs.

Workflow Fixes with Enhanced Security Enabled

Share

JavaScript support is one of Acrobat’s and Adobe Reader’s most powerful features, and Adobe provides several controls that enable tuning application behavior so that JavaScript (JS) executes within your desired level of security. I posted an article on my developer blog that discusses this topic but because it affects IT managers as well, I’ve posted this little blurb here.

Jump to Managing JavaScript Execution in the Acrobat Family of Products on the PDF Developer Junkie

Share

We’ve published a new technote that describes how to

disable initiation of Acrobat.com features, but allow participation in Shared Review and live collaboration through other sharing mechanisms like a shared network drive or Sharepoint server.

Read Disable Access Points to Acrobat.com Services in Windows Network Deployments