Marketing hate it when I refer to competitor blogs, but Sophos' Vanja Svajcer, while discussing Adobe's accelerated security update (good move, guys!), makes a point that's worth three hearty cheers and a quote.
If nothing else, JavaScript should be disabled by default in Adobe Reader.
Go on Adobe, make my day.
Yesssssss!!!!
Though I'd settle for a slightly shorter step towards sanity.
Adobe, when I disable JavaScript, STOP SILENTLY RE-ENABLING IT WHEN YOU UPDATE(yes, I realize that this is because it's restoring defaults, so it's practically the same point: the point is that a sane update takes customizations into account).
David Harley CITP FBCS CISSP
ESET Senior Research Fellow
