The current Adobe advisory (http://www.adobe.com/support/security/advisories/apsa09-07.html)
regarding the new Adobe Reader zero-day exploit instructs to disable Javascript
within Adobe Reader as a workaround.
I just did a quick test and confirmed that this setting uses
the following registry key, which could be used to disable Javascript within
Adobe Reader en masse within your organization (via GPO or desktop management
software).
HKEY_CURRENT_USER\Software\Adobe\Acrobat
Reader\9.0\JSPrefs
“bEnableJS”=dword:00000000
After a patch is deployed, setting it back to a value of 1
will enable Javascript within Adobe Reader.
Leave a Reply
You must be logged in to post a comment.