PaulDotCom mailing list archives
Disabling Acrobat JavaScript
From: gbugbear at gmail.com (Bugbear)
Date: Tue, 8 Jun 2010 22:04:40 -0400
I use custom GPO or mgmt system that can edit HKCU a logon script for the user is another option Also check out the blacklist framework post my ranting I have compiled some info here (hey it was the holidays and I was annoyed) http://securitybraindump.blogspot.com/2009/12/adobes-0-face.html and also VRT has done some good research here http://vrt-sourcefire.blogspot.com/2010/01/acrobat-javascript-blacklist-framework.html here's an ADM template for GPO, hope this helps CLASS USER CATEGORY "Adobe Acrobat/Reader 7.x - 9.x" POLICY "JavaScript Reader 9.x" KEYNAME "Software\Adobe\Acrobat Reader\9.0\JSPrefs" EXPLAIN "Enable or Disable JavaScript in Acrobat Reader 9.x" VALUENAME "bEnableJS" VALUEON NUMERIC 1 VALUEOFF NUMERIC 0 END POLICY POLICY "JavaScript Acrobat 9.x" KEYNAME "Software\Adobe\Adobe Acrobat\9.0\JSPrefs" EXPLAIN "Enable or Disable JavaScript in Acrobat 9.x" VALUENAME "bEnableJS" VALUEON NUMERIC 1 VALUEOFF NUMERIC 0 END POLICY POLICY "JavaScript Reader 8.x" KEYNAME "Software\Adobe\Acrobat Reader\8.0\JSPrefs" EXPLAIN "Enable or Disable JavaScript in Acrobat Reader 8.x" VALUENAME "bEnableJS" VALUEON NUMERIC 1 VALUEOFF NUMERIC 0 END POLICY POLICY "JavaScript Acrobat 8.x" KEYNAME "Software\Adobe\Adobe Acrobat\8.0\JSPrefs" EXPLAIN "Enable or Disable JavaScript in Acrobat 8.x" VALUENAME "bEnableJS" VALUEON NUMERIC 1 VALUEOFF NUMERIC 0 END POLICY POLICY "JavaScript Reader 7.x" KEYNAME "Software\Adobe\Acrobat Reader\7.0\JSPrefs" EXPLAIN "Enable or Disable JavaScript in Acrobat Reader 7.x" VALUENAME "bEnableJS" VALUEON NUMERIC 1 VALUEOFF NUMERIC 0 END POLICY POLICY "JavaScript Acrobat 7.x" KEYNAME "Software\Adobe\Adobe Acrobat\7.0\JSPrefs" EXPLAIN "Enable or Disable JavaScript in Acrobat 7.x" VALUENAME "bEnableJS" VALUEON NUMERIC 1 VALUEOFF NUMERIC 0 END POLICY END CATEGORY On Tue, Jun 8, 2010 at 6:09 PM, Craig Freyman <craigfreyman at gmail.com> wrote:
What have some of you done to disable?JavaScript?in Acrobat Standard/Pro as well as Acrobat Reader from a corporate perspective? ?I am referring to installations that are already in place. ?Custom GPO? I've found a few articles describing the registry setting: [HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\8.0\JSPrefs] "bEnableJS"=dword:00000000 This will work for XP clients but?this key?isn't?in this place on my Windows 7 box. It is under HKEY_Users\(MY SID)\Software\Adobe....... If this is the case, if I'll have to write a script that grabs the user's SID before running the registry file on?login. ?Any other options people have used? _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Disabling Acrobat JavaScript Craig Freyman (Jun 08)
- Disabling Acrobat JavaScript Nicholas B. (Jun 08)
- Disabling Acrobat JavaScript Bugbear (Jun 08)
- Disabling Acrobat JavaScript Denis Hancock (Jun 08)
- Disabling Acrobat JavaScript Craig Freyman (Jun 08)
- Disabling Acrobat JavaScript Gibson, Samuel (Jun 10)
- Disabling Acrobat JavaScript Jody & Jennifer McCluggage (Jun 10)
- Disabling Acrobat JavaScript Craig Freyman (Jun 11)
- Disabling Acrobat JavaScript Bugbear (Jun 15)
- Disabling Acrobat JavaScript Dahl, Kevin (Jun 15)
- Disabling Acrobat JavaScript Bugbear (Jun 15)
- Disabling Acrobat JavaScript Jody & Jennifer McCluggage (Jun 15)
- Re: Disabling Acrobat JavaScript Bugbear (Jun 16)