Software update pop-ups never seem to come at the right time. You’re busy composing an urgent e-mail, reading a breaking news story or viewing a hilarious You Tube video. The temptation to ignore it may be strong but there’s a better reason to click “Yes” and install an update because it could protect your computer.
Anti-virus provider Avast Software recently released a report that six out of every 10 users of Adobe Reader, from San Jose-based Adobe Systems, is using an outdated, and therefore more vulnerable, version of the software for viewing documents created in the portable document format (PDF). The latest version of Adobe Reader is version 10, which Adobe identifies with the Roman numeral X, and 40 percent of Avast customers are on Adobe Reader X (see chart). Another 35 percent are on its predecessor, Adobe Reader 9, which is still better than version 8 or 7 or 6, but not as well protected as X. The rest use earlier versions as old as Reader 3 (I think from when Ronald Reagan was president).
Updating is important because, with more than 80 percent market penetration, Reader is the most widely used PDF reader out there, and just as Microsoft Windows is the target of computer viruses and other threats because it’s so ubiquitous, Reader is also a target because there are that many more potential victims. The number two PDF reader, Foxit, has a market share of only 4.8 percent.
It’s also important to update your operating system and your Web browser when updates or new versions are available. The latest versions of Microsoft Internet Explorer, IE 9, and Foxfire 4.0, each add features that allow the user to block tracking by advertisers of what sites you’re visiting, and also improve malware protections. You may recall hacking attacks in late 2009 of a number of corporate computer networks, such as Google’s. A security expert told me that many of the machines that were compromised were ones using IE 6, an outdated version.
Adobe software has been used by cyber criminals to distribute malware, malicious software that can infect your computer, hijacking it to launch spam attacks or steal sensitive personal information like your credit card or bank account information.
Each new version of Adobe Reader — and Adobe Acrobat for creating PDFs — adds news features and better security, but it’s all for nothing if you don’t install the update, said Brad Arkin, senior director of product security and privacy at Adobe.
“All of the work we do to make the code more robust against attacks doesn’t help if users aren’t running the latest code and these improvements aren’t on their machines,” Arkin said.
Of late, Adobe has revised its update process to make it simpler and easier for consumers to do, and not just for each new version, but for updates to the current version to protect against newly discovered threats, he said.
“We threw away the old [updater], started over,” Arkin said.
In May 2009, Adobe revised the process to respond more quickly to new threats, reducing the turnaround time to deliver a new patch to as few as 7 calendar days from 10 to 12 weeks, he said.
Adobe has also tried to make updates less intrusive. It used to be that if there was an update to offer, the update window would appear as soon as you opened the application. Arkin said that users found that annoying; they didn’t open Reader to install an update but to read a PDF. Adobe Reader X, which was released for general availability in November 2010, only notifies you of an update when the computer is idle.
Reader and Acrobat offered a new update feature called “fully silent automatic mode,” which would download updates without disturbing you and the update would take effect the next time you open the application. Another change made just last month made automatic updating the default setting for Reader X and Acrobat 10.1, and requires you to adjust the settings if you wanted another option.
Really, they’re making it easy for you to protect you computer if you just install the updates.