Adobe Systems is delivering on its promise to bring sandboxing technology to Windows users in the next version of Adobe Reader, which is slated to be available within 30 days.
Adobe Systems is making good on its promise to bring sandboxing to bear in Adobe Reader in the name of security.
The technology will be built into Adobe Reader X, which is scheduled to be released within 30 days. Known as "Protected Mode,"
the technology is aimed at protecting Windows PCs, which are often the target of attackers.
"With this version, we have prioritized our activities to get the
most effective protection to our users as fast as possible," an Adobe
spokesperson said. "Today, Adobe Reader for Windows represents the
overwhelming majority of Adobe Reader downloads. Adobe is always
carefully evaluating the threat landscape to determine the priorities
and next steps in the security road map for our products."
Sandboxing limits the privileges
program can run under, isolating that program from other programs on a
computer. According to the company, PDF processing such as PDF and
happens in the sandbox. Processes that need to perform some action
outside the sandbox boundary must do so through a trusted proxy called
a "broker process." Adobe Protected Mode will be enabled by default.
"The Adobe Reader sandbox leverages the operating system's security
controls to constrain processes execution to the principle of least
privilege," blogged Kyle Randolph, senior security researcher on
Adobe's Secure Software Engineering team, Oct. 5. "Thus, processes that
could be subject to an attacker's control run with limited capabilities
and must perform actions such as accessing files through a separate,
Other companies have also taken a sandboxing approach to improve
security lately. For example, Microsoft added sandboxing to Office
2010, while Google brought sandboxing to bear in its Chrome browser as
well as plans for the Chrome operating system.
"Adobe's product security initiatives are focused on reducing both
the frequency and the impact of security vulnerabilities," the
spokesperson said. "Adobe Reader Protected Mode represents an exciting
new advancement in mitigating the impact of attempted attacks. Even if
exploitable security vulnerabilities are found by an attacker, Adobe
Reader Protected Mode will help prevent the attacker from writing files
or installing malware on potential victims' computers."