Re: Disable Adobe Reader javascript?

["Eric C. Lukens" <eric.lukens () UNI EDU>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I have never run into a PDF file that needed javascript either.  Be
careful, if users do encounter a PDF file using JS, they'll likely be
prompted to turn JS back on.  If desired, I have a HKCU registry file
that can be imported (via whatever login scripting technique you use)
to disable JS and a Group Policy template (adm) to do the same.  Just
email me and I'll send them to you.

- -Eric

- -------- Original Message  --------
Subject: [SECURITY] Disable Adobe Reader javascript?
From: Gary Flynn <flynngn () JMU EDU>
To: SECURITY () LISTSERV EDUCAUSE EDU
Date: 4/29/09 11:11 AM
> Anyone ever heard of problems after disabling javacript
> in Adobe Reader or know of it commonly being used?
> We're considering pushing it as policy to managed
> workstations due to the frequency of security defects
> discovered and exploited in Adobe Reader. Two zero
> days since the beginning of the year.
>
> I've had it disabled for over a year and I've never
> had a known problem. Or maybe I just missed out seeing
> the dancing bears without knowing it.
>
> http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html

- --
Eric C. Lukens
IT Security Policy and Risk Assessment Analyst
ITS-Network Services
Curris Business Building 15
University of Northern Iowa
Cedar Falls, IA 50614-0121
319-273-7434


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.10 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkn4gUYACgkQN+w4PqsMNp1LwgCfX/WP3ltunbFEkyN4YpdXA+E0
5zgAn2qHH1kuepYR0/nKHps755w19ZGC
=tWlU
-----END PGP SIGNATURE-----