TechWhirl (TECHWR-L) is a resource for technical writing and technical communications professionals of all experience levels and in all industries to share their experiences and acquire information.
For two decades, technical communicators have turned to TechWhirl to ask and answer questions about the always-changing world of technical communications, such as tools, skills, career paths, methodologies, and emerging industries. The TechWhirl Archives and magazine, created for, by and about technical writers, offer a wealth of knowledge to everyone with an interest in any aspect of technical communications.
Just located the Adobe security advisory. Here is the link. This indicates that a patch should be available by Jan. 12. If you are using PDFs from trusted sources, it appears you should be OK if you leave the JavaScript enabled. But definitely disable it before opening any PDFs from sources you can't confirm are trustworthy.
Regards,
Karen
Karen M. Graziano
kmgraziano03 -at- yahoo -dot- com
________________________________
From: Robert Lauriston <robert -at- lauriston -dot- com>
To: TechWR List <techwr-l -at- lists -dot- techwr-l -dot- com>
Sent: Thu, December 17, 2009 8:00:01 PM
Subject: Re: Fw: Adobe confirms PDF zero-day attacks. Disable JavaScript now | Zero Day | ZDNet.com
I just noticed that disabling Javascript broke the PDF timesheet form
the agency I'm working for uses, so that my hours aren't being
totaled.
On Thu, Dec 17, 2009 at 12:43 PM, Karen Graziano <kmgraziano03 -at- yahoo -dot- com> wrote:
> FYI, see link to article below regarding a critical vulnerability in Adobe. If you are able to work with PDFs without JavaScript, you should implement the short-term fix outlined in the article. I checked Symantec and their site lists this as a high risk vulnerability. There is no patch available yet from Adobe.
>
> If you have both Adobe Reader and Adobe Acrobat (standard or professional), you need to apply the fix to both programs. This applies to all versions of both programs, up to and including 9.2.
>
> Regards,
> -Karen
> whose day has been brightened by y'all :-)
>
> Karen M. Graziano
> kmgraziano03 -at- yahoo -dot- com
>
> Subject: Adobe confirms PDF zero-day attacks. Disable JavaScript now | Zero Day | ZDNet.com
> FYI.
> Adobe confirms PDF zero-day attacks. Disable JavaScript now
>http://blogs.zdnet.com/security/?p=5119
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Are you looking for one documentation tool that does it all? Author,
build, test, and publish your Help files with just one easy-to-use tool.
Try the latest Doc-To-Help 2009 v3 risk-free for 30-days at: http://www.doctohelp.com/
Help & Manual 5: The all-in-one help authoring tool. True single- sourcing --
generate 8 different formats and as many different versions as you need
from just one project. Fast and intuitive. http://www.helpandmanual.com/
---
You are currently subscribed to TECHWR-L as kmgraziano03 -at- yahoo -dot- com -dot-
Are you looking for one documentation tool that does it all? Author,
build, test, and publish your Help files with just one easy-to-use tool.
Try the latest Doc-To-Help 2009 v3 risk-free for 30-days at: http://www.doctohelp.com/
Help & Manual 5: The all-in-one help authoring tool. True single- sourcing --
generate 8 different formats and as many different versions as you need
from just one project. Fast and intuitive. http://www.helpandmanual.com/
---
You are currently subscribed to TECHWR-L as archive -at- web -dot- techwr-l -dot- com -dot-
