Sophos counsels Adobe to disable JavaScript

By Vinod Yalburgi | Published on 01 Jul 2010
Sophos counsels Adobe to disable JavaScript

Sophos - an IT security and data protection firm, has reportedly counseled software provider Adobe to start disabling JavaScript in its products by default. This is in direct reaction to the most recent security vulnerability detected on Adobe Acrobat and Reader involving the JavaScript code. Apparently the vulnerability has been patched up with the release of a security update for Adobe Acrobat and Reader.

The vulnerability reportedly codenamed CVE-2010-1297 - is said to involve a booby-trapped PDF file containing a Flash animation, that relied on JavaScript for the exploit to work. The exploit is stated to be more complex than earlier Adobe exploits, potentially signaling a new pattern in the evolution of Adobe exploits.

Sharing his viewpoints on Adobe exploits, Vanja Svajcer Principal Virus Researcher at Sophos, has reportedly said, “The common thread in most, if not all, Adobe exploits is the requirement for JavaScript , as exploits will work correctly only if JavaScript is enabled. This is why we recommend all users disable JavaScript in Adobe Acrobat and Reader.”

Further emphasizing the need to disable JavaScript in Adobe, Svajcer has reportedly stated, “The company’s regular security updates show that Adobe is now doing more to address vulnerabilities, but the high number of patched vulnerabilities indicate that it may be a good time for Adobe to overhaul its approach to building security into its products. If nothing else, JavaScript should be disabled by default in Adobe Reader.”

Henceforth, Sophos has recommended all users to disable JavaScript in Adobe Acrobat and Reader by default. For all those interested, additional details of how to disable JavaScript in Adobe could be found on the SophosLabs Blog here: http://www.sophos.com/blogs/sophoslabs/v/post/3267

Vinod Yalburgi
Vinod Yalburgi

Email Email Vinod Yalburgi

Tags:
Security Watch security Adobe Acrobat adobe Sophos SophosLabs sophos india sophos security sophos security and data protection IT security data protection security vendors adobe reader security vulnerability javascript vulner
Advertisements

Trending Articles

Advertisements

LATEST ARTICLES View All

Advertisements
hot deals amazon
Professional Feel 260 Watt Multifunctional Food Mixers
Professional Feel 260 Watt Multifunctional Food Mixers
₹ 480 | $hotDeals->merchant_name
Philips HR3705/10 300-Watt Hand Mixer, Black
Philips HR3705/10 300-Watt Hand Mixer, Black
₹ 2019 | $hotDeals->merchant_name
VEGA Insta Glam Foldable 1000 Watts Hair Dryer With 2 Heat & Speed Settings (VHDH-20)- White
VEGA Insta Glam Foldable 1000 Watts Hair Dryer With 2 Heat & Speed Settings (VHDH-20)- White
₹ 503 | $hotDeals->merchant_name
KENT Hand Blender 150W (16050), 5 Speed Control, 100% Copper Motor, Multiple Beaters, Overheating Protection, Food Grade Plastic Body
KENT Hand Blender 150W (16050), 5 Speed Control, 100% Copper Motor, Multiple Beaters, Overheating Protection, Food Grade Plastic Body
₹ 1275 | $hotDeals->merchant_name
Tanumart Hand Mixer 260 Watts Beater Blender for Cake Whipping Cream Electric Whisker Mixing Machine with 7 Speed (White)
Tanumart Hand Mixer 260 Watts Beater Blender for Cake Whipping Cream Electric Whisker Mixing Machine with 7 Speed (White)
₹ 599 | $hotDeals->merchant_name
DMCA.com Protection Status