I would think that changing the reg perms for that key would do it Can one script a reg perm change?
On 12/23/09, Jody & Jennifer McCluggage <[email protected]> wrote: > Thanks Tim. We, like many others, have been struggling with making sure > that JavaScript is disabled in Reader/Acrobat. We push out the registry > changes via GP and have educated end-users to not turn it on but I do > realize that if prompted as you described that the end user could simply > re-enable it. Does anyone know if there is a way to prevent the end user > from re-enabling JavaScript (maybe changing the permissions on the registry > key?). It appears (unless I read it wrong) that this blacklisting tool > works on a case-by-case basis and will not universally disable JavaScript. > > Thank you and Happy Holidays! > > Jody > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Tim Mugherini > Sent: Wednesday, December 23, 2009 8:12 AM > To: PaulDotCom Security Weekly Mailing List > Subject: [Pauldotcom] Adobe PDF Javascript > > Hello All, > > I know EP 180 hasn't been released on audio yet (so I have not > listened) but I noted Larry's show note on my SANS mailing list post > regarding disabling javascript in Adobe Acrobat/Reader. While you can > disable javascript via .reg or adm it will still warn the user when > opening a .pdf with javascript in it and give them the option to > re-enable js. What I did not know until today is Adobe implemented the > JavaScript Blacklist Framework back in October with their latest and > greatest versions of Reader/Acrobat 8 & 9. > > This is useful for blocking specific attacks (like the current 0 day) > via .reg or adm. No menu option exists from what I can find. More info > can be found here > > http://kb2.adobe.com/cps/532/cpsid_53237.html > > http://kb2.adobe.com/cps/504/cpsid_50431.html > > Still think someone need to take one of those Clue By Four's and smack > Adobe with it. > > Happy Holidays! > > Tim (bugbear) > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > -- Sent from my mobile device _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
