UnderForge of Lack

とうとうAdobeが公式に JavaScriptをOFFにするように発表してしまいましたトサ。

Buffer overflow issues in Adobe Reader and Acrobat
A critical vulnerability has been identified in Adobe Reader 9.1 and Acrobat 9.1 and earlier versions. This vulnerability (CVE-2009-1492) would cause the application to crash and could potentially allow an attacker to take control of the affected system. A second vulnerability has also been reported that appears to affect Adobe Reader for Unix only (CVE-2009-1493).

1. Launch Acrobat or Adobe Reader.
2. Select Edit>Preferences
3. Select the JavaScript Category
4. Uncheck the ‘Enable Acrobat JavaScript’ option
5. Click OK

Microsoftも（たぶん）泣く泣くUSB Autorunを殺したことですし、Adobeもそれに倣った方がいいんじゃないのかなぁ？

This entry was posted on 火曜日, 5 月 5th, 2009 at 12:09 PM and is filed under RiskHedge, security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.