An excellent improvement to Adobe Reader security
The most important piece of advice that is generally given to users of Adobe Reader to protect them from malicious exploits in PDF documents is to disable JavaScript, but it has always been an “all or nothing” situation – the chances that somebody would heed our advice, disable JavaScript, only to need to turn it on again (and forget to turn it off) was high.
The October update of Reader, though, offers a new feature which I quite like – note how you can enable JavaScript for just the one document and, if you so desire, for just one time.
So my new advice is to disable JavaScript and enable “Enhanced Security”.
Now, if only they would give us a way to turn off the functionality that allows criminals to use Flash advertisements to hijack web browsers…
Old dialogue – JavaScript disabled
New dialogue – JavaScript disabled
New dialogue – blacklisted JavaScript encountered
Source: http://blogs.adobe.com/asset/2010/01/a_few_words_on_the_january_201.html
Source: http://kb2.adobe.com/cps/504/cpsid_50432.html