Adobe Product Security Incident Response Team (PSIRT) has reported a potential Adobe Reader issue.
“Adobe is aware of reports of a potential vulnerability in Adobe Reader 9.1 and 8.1.4, as described in SecurityFocus BID 34736. We are currently investigating, and will have an update once we get more information.”
Adobe has urged users on all platforms to disable JavaScript. This is a temporary arrangement made to avoid any code execution attack. Adobe said that they plan to provide updates for all affected versions for all platforms (Windows, Macintosh and Unix) so that the issue can be resolved as soon as possible.
Instructions:
Here are a few steps that Adobe suggests:
- Launch Acrobat or Adobe Reader
- Select Edit> Preferences
- Select the JavaScript Category
- Un-check the ‘Enable Acrobat JavaScript’ option
- Click OK
Immediately recommending the users to disable JavaScript till the time a patch is released looks like a welcome step by Adobe. Better be proactive than be a victim later. No harm in playing safe, right?
However, in the meantime, is anyone aware of any alternate secured software that can be used temporarily?
(Source: Adobe blog)
4 Comments
I wholeheartedly recommend Foxit reader
http://www.foxitsoftware.com/downloads/
@ Dev,
Thanks for sharing. Will give it a try.
Anyone know how to do this via the MST transform file for deployment? I’m using the Adobe Customization Wizard 9 and can’t find the option.
how can enable javascript programmatically?