Adobe Reader to block attacks with sandbox tech

From CNET News.com: Adobe Reader will soon have an additional layer of protection against the many attacks that target the popular PDF viewer.

Adobe Systems is borrowing a page from Microsoft's and Google's playbook by turning to sandboxing technology designed to isolate code from other parts of the computer.

Adobe is adding a "Protected Mode" to the next release of Adobe Reader for Windows due out some time this year, said Brad Arkin, director of product security and privacy at Adobe. The feature will be enabled by default and included in Adobe Reader browser plug-ins for all the major browsers.

The company has no plans to add the feature to the version of its PDF (Portable Document Format) viewer for the Macintosh at this time because the vast majority of Adobe Reader downloads and exploits are on Windows, a spokeswoman said.

The sandbox mechanism will confine PDF processing, such as JavaScript execution, 3D rendering, and image parsing, to a confined area and prevent applications from installing or deleting files, modifying system information, or accessing processes.

While Adobe Reader can communicate directly with the operating system, applications running in the program cannot. If malicious code sneaks onto a computer by successfully exploiting a hole in Adobe reader, its impact will be limited because it will be contained within the sandbox.

View: Article @ Source Site