MASS Disabling of Javascript on Adobe Reader 9.2 on ALL workstations

Hey experts-
Need some help. Since yet another exploit has been released regarding Adobe, one of the mitigations was to disable JavaScript within Adobe Reader. My question is, how do you do this to to 500+ workstations on the same domain??!? I've looked at Adobe's instructions, but it only applies to the single user!!

(see exploit info here: )

The registry I've found that supposed to disable it doesn't seem to work:
[HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\9.0\JSPrefs]

I'm guessing it may have worked for previous versions, but not 9.2, which is what we've (unfortunately) been pushing out to all the machines..

I've also taken a look at blacklisting, but still really haven't figured out how to do that (or what to blacklist).
Looking the
Any help?!! I need to get this addressed immediately. Thanks!!
LVL 16
ThinkPaperIT ConsultantAsked:
Who is Participating?
Karl Heinz KremerCommented:
You don't have to disable JavaScript as a whole, the blacklisting takes care of just the function that is used in the exploit.

The blacklist framework is discussed in this Adobe article:
You don't have to figure out what to blacklist - Adobe has done that for you. The download file contains a registry entry that disables the function that causes the current problem.

mass extinction or mass disabling,that is the question .... :-)
I think you could write a script for this and run it from server to clients....
WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

Adobe have tools to help with "enterprise deployment" such as the Adobe Customization Wizard which you can get here:

It says you can "Customize key application preferences" so, hopefully, turning off JavaScript is there too.
ThinkPaperIT ConsultantAuthor Commented:
That's exactly what I need. Thanks!
If it were me, I'd still disable javascript.  It's not widely used and, more importantly, more than one vulnerability in Reader over the last year was such that disabling javascript mitigated the threat.
Karl Heinz KremerCommented:
It depends on what you do with PDF - JavaScript is used in quite a few forms and in other types of documents. And for that reason Adobe added the blacklisting framework: So that you can still use JavaScript, and only disable those functions that are vulnerable. The only thing I don't like about it is that you have to manually install it. Acrobat and Reader should offer to download the latest changes automatically.
Yes, I suppose if one needs the JavaScript then disabling only the vulnerable funcs is perhaps the way to go. And I wholeheartedly agree that it would be great if Adobe products could auto-mitigate.  Better still would be for Adobe produce better code in the first place...
ThinkPaperIT ConsultantAuthor Commented:
After some digging, I found that disabling Javascript is probably not the most effective way to protect against the latest vulnerability.

While it may disable it, it does not prevent the user from going back and enabling it again.

Also found out that, if you disable Javascript, the user will be prompted EVERYTIME they open a document that uses Javascript and it will ask them whether they want to allow Javascript to run (just this once) or run all the time.

So in effect, even with disabling javascript you are still not quite protected, since users could enable it.  >__< So blacklisting seems to be the better way to go.
I didn't realise that: "if you disable Javascript, the user will be prompted EVERYTIME they open a document that uses Javascript".  Does this happen even if the user is running under a limited account?

My personal preference has for a long time to have javascript disabled because it prevents any reader exploit that uses heap sprays to increase the chance that the exploit will succeed (most exploits do this, but certainly there must be some that don't and that will succeed even with javascript disabled).
I've never been prompted to re-enable javascript, but I've obviously never tried to open a pdf that uses it.  It's amazing that adobe consider it necessary to prompt the user to re-enable javascript after it's been turned-off (it's on by default, so if it's off, it's been turned off - pay attention adobe).
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.