For years, Adobe's ubiquitous Reader software has been one of the major targets of hackers looking to run malicious code on Windows operating systems. This – combined with a habit of lagging to patch known vulnerabilities – has earned the company a poor reputation when it comes to keeping its users safe. However, Adobe is hoping to change that impression by adding a "Protected Mode" to the next release of Reader that will isolate code from other parts of the computer.
According to a post on Adobe's ASSET Blog, "Protected Mode" is based on Microsoft's Practical Windows Sandboxing Technique. The company has been working closely with members of the Microsoft Office security team, Nicolas Sylvain and the Chrome team at Google, as well as third-party consultancies and other external stakeholders.
This first release will sandbox all "write" calls, mitigating the risk of exploits that seek to install malware on users' computers. In future releases of Adobe Reader, the company plans to extend the sandbox to include read-only activities to protect against attackers seeking to read sensitive information from the user's computer.