Adobe issues official workaround for PDF vulnerability

April 7, 2010 – 7:57 AM

For consumers, open up the Preferences panel and click on “Trust Manager” in the left pane. Clear the check box “Allow opening of non-PDF file attachments with external applications“.

For administrators who wish to accomplish this with a registry setting on Windows, add the following DWORD value to:
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\\Originals

Name: bAllowOpenFile
Type: REG_DWORD
Data: 0

Furthermore, an administrator can grey out the preference to keep end-users from turning this capability on, by adding the following DWORD value to:
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\\Originals

Name: bSecureOpenFile
Type: REG_DWORD
Data: 1

Source:
http://blogs.adobe.com/adobereader/2010/04/didier_stevens_launch_function.html

  1. One Response to “Adobe issues official workaround for PDF vulnerability”

  2. (Javascript being enabled or disabled no longer matters for the latest attacks)

    By manunkind on Apr 7, 2010

You must be logged in to post a comment.

Copyright 2008-2021 PC Sympathy - Entries (RSS) - Sitemap