News

Critical updates to Adobe Reader and Adobe Acrobat released

January 19, 2012

Advertisement
Advertisement
 

Adobe has released updates to Adobe Reader and Adobe Acrobat which patch multiple critical vulnerabilities in the software. The releases also include a new JavaScript whitelisting capability.

According to Adobe these updates address critical vulnerabilities in Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh, and Adobe Acrobat X (10.1.1) and earlier versions for Windows and Macintosh. These vulnerabilities could cause the application to crash and potentially allow an attacker to take control of the affected system.

JavaScript has been a frequently exploited area of PDF in recent years and the new JavaScript whitelisting capability introduced in Adobe Reader and Acrobat X (10.1.2) and 9.5 is designed to prevent that, by allowing JavaScript execution in PDF files based on document trust.

As a result of the new JavaScript whitelisting capability two additional admin controls have been added to the Preferences section in Adobe Reader and Adobe Acrobat.

JavaScript Lockdown

Provides administrators the ability to lock down all JavaScript execution, except when embedded in trusted documents, and prevent users from enabling JavaScript from the user interface/preferences

AdminTrusted Locations

Provides administrators the ability to add trusted locations

Adobe recommends that users update their software installations immediately to ensure they are protected against these exploits. More information about the new JavaScript whitelisting capabilities can be found the Adobe Secure Software Engineering Team (ASSET) Blog.

PDF In-Depth Free Product Trials Ubiquitous PDF

Debenu Quick PDF Library

Get products to market faster with this amazing PDF developer SDK. Over 900 functions and an equally...

Download free demo

Two Passwords Are Better Than One: The Low-Down On PDF Security

For people who don't spend their time looking at PDF files in text editors*, PDF security is a sometimes misunderstood beast.

For example, those document restrictions that PDF files sometimes have -- no Printing, Content Copying, Page Extraction, etc -- are essentially useless unless the PDF also has a User Password.

January 09, 2014
Platinum Sponsor



Search Planet PDF
more searching options...
Planet PDF Newsletter
Most Popular Articles
Featured Product

Debenu PDF Aerialist 11

The ultimate plug-in for Adobe Acrobat. Advanced splitting, merging, stamping, bookmarking, and link control. Take Acrobat to the next level.

Features

Adding a PDF Stamp Comment

OK, so you want to stamp your document. Maybe you need to give reviewers some advice about the document's status or sensitivity. This tip from author Ted Padova demonstrates how to add stamps with the Stamp Tool along with related comments.