Companies: #adobe In what is starting to feel like a case of deja vu, a group of security researchers has announced a JavaScript buffer vulnerability in Adobe's Acrobat range of products ...

Adobe, although they have admitted to the flaw, has not given a time line for fixing the affected applications with include Acrobat (Reader as well) 9.1, 8.1.4, 7.1.1 and earlier. Read more here ...

This week, however, Adobe reacted faster to reports that its software was vulnerable. In February, Adobe acknowledged the bug on Feb. 19, but waited until Feb. 24 to recommend disabling JavaScript.

Disable JavaScript now According to an advisory from Adobe, the critical vulnerability exists in Adobe Reader and Acrobat 9.2 and earlier versions. It is being exploited in the wild.

If nothing else, JavaScript should be disabled by default in Adobe Reader.” Henceforth, Sophos has recommended all users to disable JavaScript in Adobe Acrobat and Reader by default.

Adobe fixed multiple security vulnerabilities in both Reader and Acrobat 9 and X for Mac OS X and Windows. The company also added a new JavaScript whitelisting feature.