Kill JavaScript in Adobe Reader to ward off zero-day exploit, experts urge News Dec 15, 2009 3 mins Cybercrime Enterprise Applications Malware Public exploit code just 'day or two' away, says ...

When done, restart Adobe Acrobat Reader and your preferences will be reset to the original. It will clear all the custom settings for Collaboration, JavaScript, Security, Stamps, Color Management ...

Adobe's challenges are two-fold going forward. First off, administrators don't necessarily want to disable JavaScript in an environment where the Web is prominent.

According to the SecurityFocus page, it's known to affect Reader 8.1.4 and 9.1 for Linux, but it also suggests that other versions or platforms may be vulnerable, and links to an exploit.

If nothing else, JavaScript should be disabled by default in Adobe Reader.” Henceforth, Sophos has recommended all users to disable JavaScript in Adobe Acrobat and Reader by default.

The critical-severity Adobe Acrobat and Reader vulnerabilities could enable arbitrary code execution and are part of a 14-CVE patch update.

Security firm Sophos has urged Adobe to disable Javascript by default in its PDF products, Adobe Reader and Adobe Acrobat. Sophos believes that Adobe needs to 'overhaul its approach to building ...

Users should disable JavaScript in Adobe’s Reader and Acrobat tools to protect themselves until a patch for a just-disclosed vulnerability is available, security experts said today.

"All currently supported shipping versions of Adobe Reader and Acrobat, [Versions] 9.1, 8.1.4 and 7.1.1 and earlier, are vulnerable to this issue," said David Lenoe, the company's security program ...