Recently, a lively patch management listserv discussion broke out over Adobe Reader. Yes, a program for reading PDFs got lots of IT pros hot and bothered.
Adobe Reader is used by just about everyone. However, a few years ago, the program became a serious avenue for attacks. Many IT administrators had reached a boiling point with Adobe's software for a variety of reasons: slow load times, security concerns and frequent patches, to name just a few.
Despite wanting to switch, a majority of IT shops haven't, for a variety of reasons. Instead, they have begun to incorporate alternative enterprise offerings alongside Reader.
"We haven't completely moved away from Adobe products, but for creating basic PDF documents, we use CutePDF, which is a freeware program, and we still use Adobe Reader for basic viewing," said Cornelis Molenaar, an IT specialist at the Palabra Foundation. He said his big motivation to switch from Adobe was finding a program that starts up more quickly and is more secure.
As a nonprofit, the Palabra Foundation is concerned with the balance between cost and functionality. Aside from CutePDF and Reader, a few employees at the South Africa-based organization use Nitro PDF, which provides the ability to create and edit PDF files.
The foundation would like to provide a single PDF program to its employees, but CutePDF and Nitro don't always render documents correctly, Molenaar said. Reader is the only program that the IT department has determined works well with its remote desktop and virtualization efforts.
"I have supported deploying Adobe software in a large enterprise for nearly three years, and I have to say they are among the most difficult to manage," said Derrick Davis, an enterprise architect at a Philadelphia-based IT services and recruitment company.
Davis said his company hasn't switched to an alternative PDF reader yet because it has thousands of PCs and making a switch from Adobe Reader can be difficult.
If a file doesn't open properly, Davis said, then his organization is on the hook to identify and solve that issue for its customers, and that could be a waste of time and resources.
After updating to Adobe Reader X, Davis observed a notable improvement in performance, manageability and security. Coincidentally, those were three things the Adobe engineering team took very seriously when updating Reader 9 to Reader X, the latter having been engineered for enterprises.
"The way that I see it is that everybody is frustrated with the bad guys because they're causing all the problems, but you can't call them up to complain," said Brad Arkin, senior director of security for the Adobe Reader team. He said Adobe was caught off guard when Reader became an avenue of attack back in 2009.
More on Adobe:
"The latest exploits generally target 9.x versions and not 10.x, which has the sandbox feature," said Carsten Eiram, chief security specialist at Secunia Software, a Denmark-based security firm. "Also, some of the zero-day vulnerabilities targeting Adobe Reader are actually exploiting vulnerabilities in the bundled Flash Player plug-in."
Alternate PDF editors
As it turns out, there are plenty of viable, enterprise-ready alternatives out there -- from free but feature-light options such as CutePDF and Sumatra PDF to more robust and costly choices from Foxit, Nitro PDF and PDF-XChange.
One thing to keep in mind when thinking about switching is that industry watchers don't really believe there are many PDF editors on the market that are viable alternatives to Adobe Acrobat. Most cite Foxit and Nitro PDF enterprise offerings as comparable programs. IT departments should decide if they need a program to edit and create PDFs or if they just need a program to read and print the file format.
If a business just needs a PDF reader, the inclusion of built-in support for PDFs in both Windows 8 and Macs, along with the ability of browsers like Chrome, Safari and Firefox to offer built-in support, will render the need for a third-party program moot soon enough.
Dig deeper on Endpoint security management tools