Adobe Reader to block attacks with sandbox feature

By on July 21, 2010, 10:23 AM
For years, Adobe's ubiquitous Reader software has been one of the major targets of hackers looking to run malicious code on Windows operating systems. This -- combined with a habit of lagging to patch known vulnerabilities -- has earned the company a poor reputation when it comes to keeping its users safe. However, Adobe is hoping to change that impression by adding a "Protected Mode" to the next release of Reader that will isolate code from other parts of the computer.

The feature will be enabled by default and essentially what it does is ensure that all operations required to process a PDF file, including JavaScript execution, 3D rendering, and image parsing, are run in a restricted manner inside a sandbox. Code in this sandbox cannot write to the file system or the registry, for example. So while the approach doesn't stop vulnerabilities from being found or exploited, it limits their severity by restricting what they can do.

According to a post on Adobe's ASSET Blog, "Protected Mode" is based on Microsoft's Practical Windows Sandboxing Technique. The company has been working closely with members of the Microsoft Office security team, Nicolas Sylvain and the Chrome team at Google, as well as third-party consultancies and other external stakeholders.

This first release will sandbox all "write" calls, mitigating the risk of exploits that seek to install malware on users' computers. In future releases of Adobe Reader, the company plans to extend the sandbox to include read-only activities to protect against attackers seeking to read sensitive information from the user's computer.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.