Users of
Adobe Reader should disable JavaScript to avoid a zero-day
hacking attack on the PDF document reader software.
This is the latest in a series of major security holes in the
Adobe software. The company said it is planning to release an
update for Adobe Reader tomorrow. This update represents the second
quarterly security update for Adobe Reader and Acrobat.
In the meantime, users should use the "general preferences"
dialog menu option to disable JavaScript - Edit > Preferences
> JavaScript, and uncheck "Enable Acrobat JavaScript".
Adobe said users running data execution prevention
(DEP)
on Windows Vista are protected from this exploit.