Adobe urged to disable JavaScript by Sophos

Adobe urged to disable JavaScript by Sophos

Bangalore: Software provider Adobe has been advised to start disabling JavaScript in its products by default by Sophos, an IT security and data protection firm. This report comes following the recent security update for Adobe Acrobat and Reader that fixed a serious vulnerability relying on JavaScript code.

The vulnerability called CVE-2010-1297 involved a booby-trapped PDF file that contained a Flash animation and relied on JavaScript for the exploit to work. It is more complex than previous Adobe exploits. This will mark a new trend in the development of Adobe exploits.

The recommendation by Sophos to all users is to disable JavaScript in Adobe Acrobat and Reader by default.

Vanja Svajcer, Principal Virus Researcher at Sophos said, "The company's regular security updates show that Adobe is now doing more to address vulnerabilities, but the high number of patched vulnerabilities indicate that it may be a good time for Adobe to overhaul its approach to building security into its products. If nothing else, JavaScript should be disabled by default in Adobe Reader."


Copyright © 2013 Technology Effect and Blogger Templates - Anime OST.