If I read Inappropriate Use of Adobe Code Signing Certificate my conclusion is that anything signed by the Adobe Code Signing Certificate since 2012-07-10 potentially can be malware.
As a precaution, I will manually revoke the certificate on all my systems (that’ll take a while!). If anyone knows how to automate that process, please post a comment showing how to.
Hitching on a trusted certificate of a big software company comes close to the ultimate hack: trojaning signed malware in the distribution of an OS vendor.
–jeroen
Filed under: *nix, Adobe, Android, Apple, HTC, HTC Sensation, iOS, iPad, iPhone, iPod, iPod touch, Linux, Mac, Opinions, OS X, OS X Leopard, OS X Lion, OS X Mountain Lion, OS X Snow Leopard, OS X Tiger, Power User, Windows, Windows 7, Windows 8, Windows Server 2000, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Vista, Windows XP Tagged: adobe software, conclusion, engineering team, precaution, secure software, software, software company, software engineering, technology, ultimate hack
