As reported in Slashdot today…

Firefox has included a built-in PDF viewer for a long time, eliminating the need to install another third-party extension. Until now, this viewer has had its ability to execute JavaScript embedded in PDFs disabled.

This is important. JavaScript in PDF was originally designed to create self-validating forms but has a long history of being abused by criminal hackers to penetrate your computer security to harvest what is for the taking on your device.

Starting with the newly-released Firefox 88 (desktop version), this has been changed so that the default setting is to enable the execution of JavaScript embedded in PDF files.

Resolving this is easy and simple. To help ensure your cybersecurity and internet privacy, let’s do so now.

Disable Firefox 88 and Higher Execution of JavaScript Embedded in PDF Files

  1. Open Firefox.
  2. (MacOS) Select Firefox menu > About Firefox.
    (Windows) Select 3-Line menu > Help > About Firefox.
  3. Verify you have the latest version of Firefox installed. As of this writing, that is version 88.
  4. Close the About window.
  5. Enter the following in the address bar: about:config. The Proceed with Caution window opens.
  6. Tap the Accept the Risk and Continue button.
  7. Enter the following in the search field: pdfjs.enableScripting
  8. The default setting is True. Tap the switch icon to the far right to change the setting to False.

  9. Close the window.
  10. Ahhh. I don’t know about you, but I feel so much better now!