PDF Report Output : Blocked due to security threat


Today suddenly I started receiving complaints from Cognos report users that the drill-throughs from PDFs are not working!

We most of my business users prefer PDF output as default. This allows them to print the report right away, and also allowed them do the drill-throughs thanks to PDF JavaScript. This is quite an impressive feature of Cognos Reports (version 8.2)

However, all of sudden these drill links stopped working. I was quite surprised as I didn't install any patch on Cognos, neither did any Adobe updates. After some investigation I found that the intranet administrators had blocked Java Scripts from PDF Reader. Gosh! Now what's that for? Here is what I got to know from them..

Adobe Reader Zero-Day Exploit: The popular PDF document format has made the Adobe Reader software virtually ubiquitous. Few software products are installed so pervasively that they exist on nearly every system regardless of operating system. For malware developers, targeting flaws in Adobe Reader offers an exceptionally large potential for victims. The issue reportedly impacts Adobe Reader, and Adobe Acrobat--versions 9.2 and earlier. The actual exploit relies on JavaScript. The Shadowserver Foundation and SANS Institute both recommend that you simply disable the execution of JavaScript within the Adobe software. In your Adobe product, go to Edit--Preferences--JavaScript, and uncheck the box next to Enable Adobe JavaScript.

So, while Adobe is preparing an update to patch this vulnerability, many companies will block the JavaScript from PDF reader component. This will in-turn disable the drill-links from Cognos reports executed in PDF format.

After some persuasion, I managed to get this restriction taken off and we informed the company employees to be very wary of any e-mails they receive from an unknown sender that they aren't expecting. They should never open any attachments from any such e-mail, either.

If you are facing the same problem in your organization, it would be worth keeping yours eyes open for the Adobe patch.

1 comment:

ram said...

Instructor Led Training On Cognos 8 / 10 Business Intelligence Tool


Medha Information Research offers Online, In house, Corporate training for the Global Learners.Our Subject Matter Experts will Educate you on Cognos BI with real world Scenarios and Hands on Exercises. You can Browse our Course Catalog in www.medhainfo.com.

For Course you can reach us @+91 9945207350 or Write us info@medhainfo.com