>that the AFC plugin intelligently scans javascript
in doubt, the decision is 'block'
>I would have immediately put JSPDF as an exception
yes - this is the case, for which this switch is implemented
Thomas
From: K Post <nntp.p...@gmail.com>
To: ASSP development mailing list <assp-test@lists.sourceforge.net>
Date: 22.05.2017 19:13
Subject: Re: [Assp-test] fixes in assp 2.5.6 build 17142
I still think that you should note in the GUI that exe-bin blocking does
NOT block every PDF that has javascript in it - just those that seem
suspicious.
Otherwise, people will put JSPDF as an exception, out of fear that too
many legitimate PDFs will be blocked. For example, we (unfortunately and
irritatingly) get a lot of PDF files from legitimate sources that are
fill-out forms with lots of javascript in them. Had you and I not had the
discussion that enlightened me that the AFC plugin intelligently scans
javascript, I would have immediately put JSPDF as an exception because we
need to ensure that these files still reach us.
On Mon, May 22, 2017 at 8:07 AM, Thomas Eckardt <
thomas.ecka...@thockar.com> wrote:
Hi all,
fixed in assp 2.5.6 build 17142:
- the changes in assp.pl are only related to the updated ASSP_AFC V4.52
changed:
- ASSP_AFC.pm version 4.52 is released.
This version is able to detect malicious executable code in PDF
attachments
The following blocking exceptions can be configured in blocking levels
and 'userAttach':
:PDF - adobe PDF file with embedded executable code or microsoft office
macros files, JavaScript and bad URIs
(using the :PDF exception is not recommended as this will disable all
PDF executable scanning)
:CERTPDF - certificate signed adobe PDF file
:JSPDF - adobe PDF file with JavaScript inside - notice: well known
malicious JavaScript combinations will be blocked,
even if this option is defined
:URIPDF - adobe PDF file with URIs to download executables from the web or
to open local files
Thomas
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
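
The release note above names the exception categories but not how a PDF lands in one. The Python below is an added example, not ASSP_AFC code and not from the thread: it sorts a PDF by structural markers, including names hidden behind `#xx` escapes or inside Flate-compressed streams. The marker-to-label mapping, the `EMBEDDED` label and the name `classify_pdf` are assumptions of this example.

```python
import re
import zlib

DELIM = rb"\s()<>\[\]{}/%"                    # PDF whitespace and delimiter chars
NAME = re.compile(rb"/[^" + DELIM + rb"]+")   # a name token such as /JavaScript
STREAM = re.compile(rb"stream\r?\n(.*?)endstream", re.DOTALL)

# Labels follow the exception names in the release note; which PDF keys feed
# each label is this example's assumption, not ASSP_AFC's rule set.
MARKERS = {
    "JSPDF": (b"/JS", b"/JavaScript"),
    "URIPDF": (b"/URI", b"/Launch", b"/GoToR"),
    "CERTPDF": (b"/ByteRange",),
    "EMBEDDED": (b"/EmbeddedFile",),          # hypothetical label, covered by :PDF
}

def _unescape_names(buf):
    """Decode #xx escapes inside name tokens: /J#61vaScript -> /JavaScript."""
    def fix(m):
        return re.sub(rb"#([0-9A-Fa-f]{2})",
                      lambda h: bytes([int(h.group(1), 16)]), m.group(0))
    return NAME.sub(fix, buf)

def _inflate_streams(buf):
    """Yield the contents of Flate-compressed streams, which can hide keys."""
    for m in STREAM.finditer(buf):
        try:
            yield zlib.decompressobj().decompress(m.group(1))
        except zlib.error:
            continue                          # not Flate data: skip in this triage

def classify_pdf(data):
    """Return the set of labels whose marker names occur as whole name tokens."""
    corpus = _unescape_names(data + b"\n" + b"\n".join(_inflate_streams(data)))
    found = set()
    for label, names in MARKERS.items():
        for name in names:
            # The lookahead keeps /JS from matching longer names like /JSONData.
            if re.search(re.escape(name) + rb"(?=[" + DELIM + rb"]|$)", corpus):
                found.add(label)
    return found

# Constructed samples, not real mail attachments.
SAMPLE_ESCAPED = b"%PDF-1.4\n1 0 obj\n<< /Type /Action /S /J#61vaScript >>\nendobj\n"
SAMPLE_PACKED = (b"%PDF-1.5\n2 0 obj\n<< /Filter /FlateDecode >>\nstream\n"
                 + zlib.compress(b"<< /S /URI /URI (https://example.invalid/form) >>")
                 + b"\nendstream\nendobj\n")
SAMPLE_CLEAN = b"%PDF-1.4\n3 0 obj\n<< /Type /Page /JSONData 4 0 R >>\nendobj\n"
```

A marker only shows that the feature is present; deciding whether the JavaScript itself is suspicious, as the thread describes for the AFC plugin, is a separate step this example does not attempt.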