"Massive 'Lurid' APT attack targets dozens of government agencies"

September 26, 2011 | By Roger A. Grimes | InfoWorld

Particularly noteworthy in the Lurid campaign is the ease with which the perpetrators managed to compromise their victims in the first place: They simply used known Adobe Reader exploits and malicious screensavers to infect user machines with malicious downloaders, which in turn connected to the hackers' command-and-control servers to await further instructions. As far as payload went, Trend Micro found that the downloader could install malware as a Windows service. It could also copy itself into the system folder and "ensure persistence by changing the common startup folder in Windows."

Microsoft and Apple both have serious problems with Adobe.

Has Adobe's persistent arrogant disregard for security made it the Ford Pinto of software?

Here are some alternatives...

PDF Readers (use instead of Adobe Reader)

• List of PDF Software

Flash Players (browser plugins to replace Adobe Shockwave Flash)

• LightSpark
• Gnash
• Swfdec (not in active development?)

SWF, Shockwave, Flash

• Discussion of the relationship between SWF, Shockwave, Flash, etc.