The zero-day hole in Adobe Reader and Acrobat will not earlier be patched as the next patch round within three weeks' time (that is in the coming new year) and hackers now already abuse it actively to infect systems.
An out-of-band patch for this critical hole would have a negative impact, according to Adobe's Brad Arkin....
You can be protected here, for Adobe recommends customers follow the mitigation guidance below, utilizing the Adobe Reader and Acrobat JavaScript Blacklist Framework, until a patch is available.
Windows: For end-users on Windows, download the compressed file from here: http://download.macromedia.com/pub/acro ... g_Keys.zip
, and double-click on the appropriate registry setting, based on your version of Reader or Acrobat, to populate the JavaScript Blacklist Framework. Adobe will automatically reset the value during the next update.
For other OS, see the info here: http://kb2.adobe.com/cps/532/cpsid_53237.html
My question is the blacklisting already existing inside NS? Or would that be considered?
A sample feature of what it would look like is given below:
Code: Select all
<<
/DefaultLaunchAttachmentPerms
[ /c
<<
/BuiltInPermList [ /t (version:1|.ade:3|.adp:3|.app:3|.arc:3|.arj:3|.asp:3|.bas:3|.bat:3|.bz:3|.bz2:3|.cab:3|.chm:3|.class:3|.cmd:3|.com:3|.command:3|.cpl:3|.crt:3|.csh:3|.desktop:3|.dll:3|.exe:3|.fxp:3|.gz:3|.hex:3|.hlp:3|.hqx:3|.hta:3|.inf:3|.ini:3|.ins:3|.isp:3|.its:3|.jar:3|.job:3|.js:3|.jse:3|.ksh:3|.lnk:3|.lzh:3|.mad:3|.maf:3|.mag:3|.mam:3|.maq:3|.mar:3|.mas:3|.mat:3|.mau:3|.mav:3|.maw:3|.mda:3|.mdb:3|.mde:3|.mdt:3|.mdw:3|.mdz:3|.msc:3|.msi:3|.msp:3|.mst:3|.ocx:3|.ops:3|.pcd:3|.pi:3|.pif:3|.pkg:3|.prf:3|.prg:3|.pst:3|.rar:3|.reg:3|.scf:3|.scr:3|.sct:3|.sea:3|.shb:3|.shs:3|.sit:3|.tar:3|.taz:3|.tgz:3|.tmp:3|.url:3|.vb:3|.vbe:3|.vbs:3|.vsmacros:3|.vss:3|.vst:3|.vsw:3|.webloc:3|.ws:3|.wsc:3|.wsf:3|.wsh:3|.z:3|.zip:3|.zlo:3|.zoo:3|.term:3|.tool:3|.pdf:2|.fdf:2) ]
>>
]
/DefaultLaunchURLPerms
[ /c
<<
/SchemePerms [ /t (version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-itss:3|its:3|mk:3|mhtml:3|help:3|disk:3|afp:3|disks:3|telnet:3|ssh:3|acrobat:2|file:1|mailto:2) ]
/SponsoredContentSchemeWhiteList [ /t (http|https) ]
/FlashContentSchemeWhiteList [ /t (http|https|ftp|rtmp|rtmpe|rtmpt|rtmpte|rtmps|mailto) ]
>>
]
/DefaultExecMenuItems
[ /c
<<
/WhiteList [ /t (Close|GeneralInfo|Quit|FirstPage|PrevPage|NextPage|LastPage|ActualSize|FitPage|FitWidth|FitHeight|SinglePage|OneColumn|TwoPages|TwoColumns|ZoomViewIn|ZoomViewOut|ShowHideBookmarks|ShowHideThumbnails|Print|GoToPage|ZoomTo|GeneralPrefs|SaveAs|FullScreen|OpenOrganizer|Scan|Web2PDF:OpnURL|AcroSendMail:SendMail|Spelling:Check Spelling|PageSetup|Find|FindSearch|GoBack|GoForward|FitVisible|ShowHideToolbarEditing|ShowHideToolbarCommenting|ShowHideToolbarEdit|ShowHideToolbarFile|ShowHideToolbarFind|ShowHideToolbarForms|ShowHideToolbarMeasuring|ShowHideToolbarData|ShowHideToolbarPageDisplay|ShowHideToolbarNavigation|ShowHideToolbarPrintProduction|ShowHideToolbarRedaction|ShowHideToolbarBasicTools|ShowHideToolbarTasks|ShowHideToolbarTypewriter|PropertyToolbar|ShowHideArticles|ShowHideFileAttachment|ShowHideAnnotManager|ShowHideFields|ShowHideOptCont|ShowHideModelTree|ShowHideSignatures|InsertPages|ExtractPages|ReplacePages|DeletePages|CropPages|RotatePages|AddFileAttachment|FindCurrentBookmark|BookmarkShowLocation|GoBackDoc|GoForwardDoc|HelpUserGuide|HelpReader|rolReadPage|HandMenuItem|ZoomDragMenuItem|Annots:Tool:InkMenuItem) ]
>>
]
/JavaScriptPerms
[ /c
<<
/BlackList [ /t (DocMedia.newPlayer) ]
>>
]
>> Awaiting your comments?
luntrus
