Adobe Reader and Acrobat JavaScript Blacklist Framework Mitigation for Security Advisory - APSA09-07
Issue
Adobe has confirmed a critical vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions that could cause a crash and potentially allow an attacker to take control of the affected system as described in Security Advisory APSA09-07. Adobe recommends customers follow the mitigation guidance below, utilizing the Adobe Reader and Acrobat JavaScript Blacklist Framework, until a patch is available.
Overview
The Adobe Reader and Acrobat JavaScript Blacklist Framework provides customers granular control over the execution of specific JavaScript API calls. The purpose of the Framework is to allow Adobe to protect customers against attacks that target a specific JavaScript API call, like the one referenced in Security Advisory APSA09-07.
Solution
Consumers
Windows: For end-users on Windows, download the compressed file, and double-click on the appropriate registry setting, based on your version of Reader or Acrobat, to populate the JavaScript Blacklist Framework. Adobe will automatically reset the value during the next update.
Mac and UNIX: For end-users on Mac and UNIX, please follow the Enterprise instructions below.
Enterprises
Windows: Enterprise administrators should use the documentation provided at: CPS ID 50431 for detailed instructions on using the JavaScript Blacklist Framework and to determine the best approach for their Windows environment. The required keys are in the following compressed file for Windows.
Macintosh:
- On your Mac, go to the Applications folder or the location where Adobe Reader or Acrobat is installed
- Right click on Adobe Reader or Acrobat Professional
- Click on Show Package Contents
- Expand Contents
- Expand MacOS
- Expand Preferences
- Make a backup of the FeatureLockDown file
- Right click on FeatureLockDown
- Open With TextEdit
- Just before the last >> add this line to the FeatureLockDown file
/JavaScriptPerms [ /c << /BlackList [ /t (DocMedia.newPlayer) ] >> ]
- Save the file
- Restart Adobe Reader or Acrobat
- For an example of what this would look like, see: Sample FeatureLockDown.dat
Linux: Go to the Global Prefs file at:
<installation>/Reader/GlobalPrefs/reader_prefs
Add the following line to the file:
/JavaScriptPerms [/c << /BlackList [/t (DocMedia.newPlayer) ] >> ]
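The Macintosh steps above can be scripted so the edit is backed up and safe to run more than once. This is an added example, not Adobe's tooling: the function names, exit codes and the sample file with its placeholder key are assumptions, and it expects the closing `>>` to sit alone on its line. `has_blacklist` on its own also confirms the entry in the Linux `reader_prefs` file.

```shell
#!/bin/sh
# Added example: apply the blacklist line from this tech note to a preferences file.
ENTRY='/JavaScriptPerms [ /c << /BlackList [ /t (DocMedia.newPlayer) ] >> ]'

# Succeeds if the file already blacklists DocMedia.newPlayer.
has_blacklist() {
    grep -qE '/JavaScriptPerms.*/BlackList.*\(DocMedia\.newPlayer\)' "$1"
}

# Insert ENTRY just before the last ">>", keeping a backup at FILE.bak.
# Returns: 0 applied or already present, 1 I/O error,
#          2 a different /JavaScriptPerms entry exists, 3 unexpected layout.
apply_blacklist() {
    file=$1
    [ -f "$file" ] || { echo "missing: $file" >&2; return 1; }
    if has_blacklist "$file"; then return 0; fi
    if grep -qF '/JavaScriptPerms' "$file"; then
        echo "$file has another /JavaScriptPerms entry; merge by hand" >&2
        return 2
    fi
    # Line number of the last line containing ">>".
    last=$(grep -n '>>' "$file" | tail -n 1 | cut -d: -f1)
    # Assumption: the closing ">>" sits alone on its line; otherwise refuse.
    if [ -z "$last" ] || ! sed -n "${last}p" "$file" | grep -qE '^[[:space:]]*>>[[:space:]]*$'; then
        echo "no stand-alone closing >> in $file" >&2
        return 3
    fi
    cp -p "$file" "$file.bak" || return 1
    awk -v n="$last" -v entry="$ENTRY" 'NR == n { print entry } { print }' \
        "$file.bak" > "$file.tmp" || return 1
    # Overwrite in place so the original owner and mode are kept.
    cat "$file.tmp" > "$file" && rm -f "$file.tmp"
}

# Demo on a constructed file (placeholder key, not a real FeatureLockDown).
demo=$(mktemp -d)
printf '<<\n/ExampleKey [ /b true ]\n>>\n' > "$demo/FeatureLockDown"
apply_blacklist "$demo/FeatureLockDown" && cat "$demo/FeatureLockDown"
```

Run `apply_blacklist` against the `FeatureLockDown` file inside the application package, then restart Adobe Reader or Acrobat as the steps require.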