adobe_logo_2009.jpg
Adobe keeps pushing Reader, making it more attractive and secure for business users. This week alone, it has addressed some of the security issues around PDFs as well as extending the functionality of EchoSign so that users will be able to receive and send documents for electronic signature within the application itself.

According to a blog post earlier this week, the new EchoSign functionality was introduced to make it more attractive to a mobile workforce and, according to the marketing blurb, will make it a “one-stop shop for electronic signatures."

Adobe, EchoSign

The extension of the functionality follows the introduction of EchoSign for Adobe Reader last September, which the company says was a first step toward the integration of EchoSign technology into its document solutions and services, with this upgrade a further move in that direction.

Why now is a question that they still haven’t answered, and with the wide range of electronic signature services that are currently available on the market -- electronic signature capabilities for SharePoint and KnowledgeTree spring to mind, as does Nuxeo v5.4.2, which added sign-off on PDF files -- but the difference here is that just about everyone has, or has access to, Reader.

Maybe it’s just playing catch-up. Adobe only acquired EchoSign last July and has been working with it ever since to integrate it and move its users further toward a paperless office, if indeed, we ever get there.

All that said, it will be a useful business tool for workers who spend a lot of time on the road. With the new functionality, users can place a scanned copy of their signature into a document. But for those who don’t have access to a scanner, the “Only I Sign” feature enables them to draw, or even type the signature in.

Using the “Send for Signature” button, your document will be uploaded into EchoSign, initiating the workflow that will end up with a signed document. This also applies to initials, contact information, company, or title, which is facilitated by easy drag-and-drop fields.

And it all falls under the Federal E-SIGN Act too, which makes signatures signed in this way in a commercial transaction legally binding.

New Security Patches

Of course none of this would any difference at all, if users didn’t feel that their documents were secure, and Adobe has announced this week that it has secured six vulnerabilities in Reader that dealt with attacks using infected PDF documents that were emailed to companies last December.

Following the attacks, Adobe had patched Reader 9 for Windows weeks ago, but said at the time that it would wait until v10 to apply those patches to all platforms.

All six vulnerabilities were described by Adobe as “critical," so it’s probably a good idea to upgrade if you haven’t already done so.

According to an Adobe security blog post, the patch will allow administrators to disable the execution of JavaScript in PDF files.

Adobe Reader and Acrobat allow administrators to disable the execution of JavaScript embedded in PDF files, a potential attack vector for exploits. While doing so provides mitigation against JavaScript-based vulnerabilities, it also breaks PDF-based solution workflows that rely on forms and JavaScript,” the blog post said.

With the new whitelisting capabilities, Adobe Reader and Acrobat X will allow JavaScript if the document comes from a trusted location. If not, both applications will prevent it from running.

The hope here is that it will offer considerably more security than in the past as the JavaScript has been behind many of the vulnerabilities over the years. A welcome start to the year from Adobe.