Ask HN: Are Adobe Acrobat updates a security hole?

tl; dr: It seems like it&#x27;d be easy to spoof a &quot;software update&quot; dialog, and thereby install arbitrary malicious code.<p>The reason I ask: Very often, a dialog appears that says something like, &quot;There is a security update to Adobe Acrobat...Do you want to install?&quot; And if I say yes, the next dialog prompts me for my password (I&#x27;m on a Mac, FWIW.) and if I give it the password, it moves forward and installs the new software.<p>(The frequency of the updates also seems suspicious; I understand that pdfs are a prime vector for malware, though I don&#x27;t understand why.)<p>Anyway, my main question is: How do I know that this is legit? Since I always have a browser open, it seems credible that someone could craft a pop-up window to mimic the Adobe Updater dialog. (I have a pop-up blocker, but imagine that it would be possible to get past that.)<p>Am I right to be concerned about this? And if so, what to do?<p>Forgive me if this is I naive question; I&#x27;m no expert about security matters.