Adobe sandboxes Reader to improve security
By Nicole Kobie
Posted on 21 Jul 2010 at 09:29
Adobe is locking down its Reader software to protect against attacks.
Reader has been criticised for its security failings, with Microsoft accusing such third-party apps of being "easier pickings" than Windows itself.
Adobe Reader Protected Mode will arrive in the next update of the PDF software. It will make use of the "sandbox" technique, preventing attacks via Reader from touching the rest of the computer.
Famously used by Google's Chrome browser, sandboxing isolates the code from the rest of the system so the damage from attacks is limited.
"Even if an exploitable security vulnerability is found by an attacker, Adobe Reader Protected Mode will help prevent the attacker from writing files, changing registry keys or installing malware on potential victims’ computers," said Brad Arkin, director of product security and privacy, in a post on the Adobe Security blog.
Any operations that need to happen outside the sandbox - such as opening an attachment or saving to a computer - are first run past a "strict set of policies" to make sure nothing dangerous is being done.
Adobe said its Reader sandbox is based on Microsoft's system for Windows, and that it worked with Microsoft Office and Chrome teams to create its own.
Protected Mode will be enabled by default, and initially sandbox only "write" calls in Windows systems. "In future releases of Adobe Reader, we plan to extend the sandbox to include read-only activities to protect against attackers seeking to read sensitive information on the user’s computer," Arkin added.
From around the web
Foxit has beaten Adobe to the punch
Foxit 4 has a similar feature.
http://www.foxitsoftware.com/pdf/reader/security.p
hp
Not sure if it implements a sanbox but Foxit's Trust Manager is enabled by default
By dyagetme1 on 21 Jul 2010 
foxit
foxit is also a damn sight faster to load than reader, doesn't install startup processes that slow everything down and features tabbed document opening. i don't see any reason to use the bloated rubbish that is adobe reader in the first place even if it hadn't been vulnerable to attacks.
By simoncarter on 22 Jul 2010
+1 for Foxit
A great great application - highly recommend that anyone who hasn't tried it does so - it's free! Neat, nimble, and it's never crashed on me.
By lowe8000 on 22 Jul 2010
advertisement
- Laptop bag reviews: nine tested
- Sony VAIO T Series Ultrabook review: first look
- Revealed: the military standards and robots HP uses to test its laptops
- Windows 8: multi-monitors and double standards?
- Why is TalkTalk's year-old porn filter suddenly big news?
- Why are laptop screens so far behind mobiles?
- HP EliteBook Folio review: first look
- The shoebox-sized all-in-one printer
- Forget the Ultrabook: here comes the HP Sleekbook
- HP Spectre XT review: first look
- Why you have to be left in the dark on OS patches
- Publishing your email address isn't a security disaster
- Why antivirus is fighting a losing battle in your office
- Four year olds used to steal their parents' data
- An acceptable use policy for your kids
- Paying for your crimes with Bitcoin
- Pavement hacking: What it is and how to avoid it
- Google's risky pre-loaded pages
- Mac under attack: how secure is Apple's OS?
- Has your browser been hijacked?
advertisement
