Share

Related Links

Top 5 Stories

News

Adobe to introduce PDF reader with sandboxing security feature

20 July 2010

Today Adobe announced a new security feature to the next major release of its popular Reader software the takes advantage of sandboxing technology, whereby the company hopes to implement another security hurdle for malicious-minded attackers.

Adobe has made quite a bit of news in security circles over the past year for the sheer number of attacks targeting its popular PDF Reader product. The latest response to concerns about its product security includes news that Adobe will now offer what it hopes will be a more secure PDF reader: Adobe Reader Protected Mode.

Brad Arkin, director of product security and privacy for Adobe, made the announcement today regarding this new security feature on the Adobe Secure Software Engineering Team blog. He wrote that this Protected Mode PDF reader is inspired by previous sandboxing technology being used by Microsoft via its Windows Sandboxing Technique.

In addition, Arkin also noted that Adobe has worked closely with the Microsoft Office security team and members of the Chrome team at Google to “leverage their sandboxing knowledge and experience”.

Arkin said that Protected Mode for the Adobe Reader will be the default option once the update is delivered and that all functions required to view the PDF file will be run inside the sandbox environment.

According to Adobe, neither the installation nor deletion of files – or modifications to system information – will be permitted when running Protected Mode.

“Should Adobe Reader need to perform an action that is not permitted in the sandboxed environment, such as writing to the user’s temporary folder or launching an attachment inside a PDF file using an external application (e.g. Microsoft Word), those requests are funneled through a 'broker process', which has a strict set of policies for what is allowed and disallowed to prevent access to dangerous functionality”, Arkin said.

Adobe indicated the first release of Protected Mode will sandbox all “write” calls to help mitigate the potential “of exploits seeking to install malware on the user’s computer or otherwise change the computer’s file system”. The company also said that future releases will aim to extend the sandbox to read-only activities, helping protect against attackers seeking sensitive information on a user’s machine.

An Adobe spokesperson told Infosecurity that there is no precise timeline as to when the new Protected Mode PDF reader would be rolled out, only to say that it should be introduced later this year with the product’s next major release.

This article is featured in:
Application Security  •  Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×