Security Protection – Harry Waldron MVP Rotating Header Image

Adobe Version 11 — Improved Sandbox Security can prevent malware attacks

The latest version has been installed based some good reviews of security. Below are a few of the early reviews on both security and features:

http://securitywatch.pcmag.com/none/304046-adobe-updates-sandbox-in-reader-acrobat-xi

http://news.techworld.com/security/3405972/adobe-reader-acrobat-xi-security-boosted-by-new-features/

http://www.adobe.com/products/reader/features.html

QUOTE: Adobe Reader and Adobe Acrobat XI now come with new security features and an improved sandbox that will make the products harder to attack and exploit, according to Adobe. The sandboxing feature known as the Protected Mode that was first introduced in Adobe Reader X proved successful at mitigating traditional PDF exploits. The technology works by isolating certain Adobe Reader operations in a strictly controlled environment and makes it very hard for attackers to write and execute malicious code on a system after exploiting a vulnerability in the product.

“Since we added sandbox protection to Adobe Reader and Acrobat, we have not seen any exploits in the wild that break out of the Adobe Reader and Acrobat X sandbox,” said Priyank Choudhury, a security researcher within Adobe’s Secure Software Engineering Team.

The new version of Adobe Reader also comes with a Protected View mode that further strengthens the sandbox by creating a separate window station – a separate securable clipboard and desktop – for the PDF viewing process. This function is designed to block so-called screen-scraping attacks in which one application reads data from the display output of a different program running on the same desktop.

The support for Address Space Layout Randomization (ASLR), a memory-based anti-exploitation technology, has also been improved in the new Adobe Reader and Acrobat versions.

Comments are closed.