Security researchers fret over Adobe PDF flaw
Adobe has warned that its Reader and Acrobat PDF software is vulnerable to an unpatched vulnerability. A pair of flaws in the JavaScript functions of the PDF reading application are behind the problem, prompting Adobe to advise surfers to disable JavaScript as a workaround, pending the availability of a patch. Even after a patch …
This topic is closed for new posts.
Why Javascript
Why does a PDF reader need to be able to run Javascript? To drive upgrades?
Surprise surprise....
Flaws in Adobe software, say it ain't so!
No Scripting for You
Like I said on another post reporting the same thing ... "Scripting just needs to be off by default with a whitelist of known good sites. Users can then customize the whitelist to their own needs ... sort of like NoScript ... except I don't think NoScript works for Adobe products." I'd like to add that maybe alternative readers could also help - e.g., FoxIt. A little bit of variety makes it a little harder to get mass 0wnage at least.
This topic is closed for new posts.
