Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks

Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks

Summary: The next major version of Adobe's PDF Reader will feature new sandboxing technology aimed at curbing a surge in malicious hacker attacks

SHARE:

The next major version of Adobe's PDF Reader will feature new sandboxing technology aimed at curbing a surge in malicious hacker attacks against the widely deployed software.

The security feature, called "Protected Mode," is similar to the Google Chrome sandbox and Microsoft Office 2010 Protected Viewing Mode, according to Adobe's security chief Brad Arkin.

In an interview, Arkin said the sandbox is scheduled for release before the end of this year and is based on Microsoft's Practical Windows Sandboxing technique.  The sandbox will be turned on by default and will display all operations in a PDF file in a very restricted manner.follow Ryan Naraine on twitter

"Should Adobe Reader need to perform an action that is not permitted in the sandboxed environment, such as writing to the user’s temporary folder or launching an attachment inside a PDF file using an external application (e.g. Microsoft Word), those requests are funneled through a “broker process,” which has a strict set of policies for what is allowed and disallowed to prevent access to dangerous functionality," Arkin explained.

[ SEE: ZoneAlarm ForceField puts browser in a sandbox ]

The first sandbox implementation will isolate all “write” calls on Windows 7, Windows Vista, Windows XP, Windows Server 2008, and Windows Server 2003.  Arkin believes this will mitigate the risk of exploits seeking to install malware on the user’s computer or otherwise change the computer’s file system or registry.

The sandbox will not be backported to older versions of Adobe Reader.

In a future dot-release, the company plans to extend the sandbox to include read-only activities to protect against attackers seeking to read sensitive information on the user’s computer.

"This will help us protect against most of the attacks we're seeing today.  The attacker will end up in a sandbox and will need a second attack to escape to do [dangerous things]." Arkin said.

Arkin made it clear that sandboxes are not guaranteed bulletproof perfect.  It will not protect users against all types of security attacks such as phishing, clickjacking, weak cryptography or unauthorized network access.

However, this is a significant defense-in-depth addition that makes it much harder (and expensive) for an attacker to successfully launch attacks using vulnerabilities in Adobe Reader.

Topics: CXO, Enterprise Software, Operating Systems, Security, Software, Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

29 comments
Log in or register to join the discussion
  • Any sign of when Adobe disappears

    ...and we won't need Adobe reader or yet another useless "broker process" running in the background wasting resources? Total trash.
    croberts
    • The broker process...

      .@croberts

      ...would only run when Adobe was running. As it uses so much memory at the moment I doubt people will notice the difference!
      DevJonny
      • Not even that

        @DevJonny
        The broker process will (if anything like IEs broker process) only run when it is needed. On top of that (if designed correctly) it's functionality will be severely limited - something like saving/retrieving files, so it will be small.
        honeymonster
    • RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks

      @croberts

      Why is it total trash when it's rather lightweight and designed to protect you from getting viruses? I don't get it. I think it's a great idea.

      <a href="http://www.gainmuscleandloseweight.com/vince-delmonte-review/">no nonsense muscle building download</a>
      todd_b17
  • Wasn't it one of Adobe's broker processes that allowed Vista to fall...

    ...during PWN2OWN. I believe it was related to Flash.
    ye
    • Yes

      @ye
      Yes, Flash is sandboxed (when running in IE - not in Firefox or Chrome). But for whatever reason Adobe had designed their own broker process (instead of using the IE supplied one) - which furthermore had the capability <i>to launch arbitrary programs</i>. Go figure. A bug in this broker process combined with a Java bug was what was used in pwn2own.
      honeymonster
  • The real shame

    is that companies are now routinely driven to such measures just to thwart off scum. It'd be one thing if it was a matter of tightening up loose code and unforeseen holes, or implementing a new security feature set or two, and then the job was done. But instead there never seems to be a beginning to the end in this everlasting story that equates to an elaborate and forlorn tail chase.

    It's too bad were incapable of handing out more severe retributive measures against punks and criminals rings involved in netcrime and malware distribution. The seminal days of such acts being relatively benign and mostly for bragging rights are long over. A mailed fist needs to descend on these criminal enterprises, but as a collective were too soft and globally unorganized to do what is necessary.

    In the meantime, this never ending story continues with everyone wasting time, hard earned money and shrinking assets so the growing miscreant base can noodle and extort to their heart's content.
    klumper
    • RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks

      @klumper <a href="http://www.pureresearchpapers.com/">Research Paper Help</a>
      <a href="http://www.puretermpapers.com/termpaper/help.asp">Term Paper Help</a>
      <a href="http://www.pureessays.com/">Essay Help</a>
      rainnwilson94
    • RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks

      @klumper <a href="http://www.purethesis.com/">Thesis Help</a>
      <a href="http://www.puredissertation.com/">Dissertation Help</a>
      rainnwilson94
  • RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks

    Isn't the Reader bloated enough?
    markbyrn
    • Bloated? What do you mean bloated?

      < sarcasm ><br>You know very well that RAM memory and hard disk space is cheap. Also, if you don't own a 16 core PC with 10 PetaBytes of DDR10 RAM and a 100 ExaBytes SSD HDD by now, you are a giant looser.<br>< /sarcasm >
      wackoae
    • RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks

      @markbyrn <br>It is. I stopped using it the moment I found Foxit Reader. And I do have a quad core and 9 gig of RAM to "waste", but chose not to. <img border="0" src="http://www.cnet.com/i/mb/emoticons/happy.gif" alt="happy"><br>I also stopped using ZA (paid version) back in 2005 when the program totally locked me out of the web, and I rec'd no help whatsoever on that from ZA tech support. There are plenty of alternative (and very good) programs to put the bloatware to shame, and I'm happy we do have these options.
      jedikitty@...
      • I Sandboxie my whole firefox stack

        @jedikitty@...
        Foxit Reader is nice. I use it too, but still run everything under Sandboxie. I get the best of all worlds.
        BrooklynPennyPincher
    • RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks

      @markbyrn

      I think a lot of the programs now are... It's to protect us from all these fraudulent programs/scripts running rampant in the web. If you just want basic functionality, then i'd guess you're better off with the very first release and foregoing all the security benefits of all the "bloated" ones.

      <a rel="dofollow" href="http://www.gettingmyexbacktips.com/pdf-ebook-reviews/pull-your-ex-back-review/">buy pull your ex back</a>
      kristyhutchins
  • RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks

    We, some of us, are not pros; we just use hand-me-downs; e.g. windows 95, 98, 2000, me, etc.. What about us. Does MS, Linux, Apple, etc. lead Adobe around by the nose? Why doesn't Adobe help us poor folk, too? Sure I can see why they need to cowtow to OS upgrades but...we have to use them too.
    Gpa's
  • RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks

    Great!!! thanks for sharing this information to us!
    <a href="http://www.yuregininsesi.com">sesli sohbet</a> <a href="http://www.yuregininsesi.com">sesli chat</a>
    yarinsiz
  • good one

    It definitely stretches the limits with the mind when you go through very good info and make an effort to interpret it properly.
    <a href="http://www.customessayhelp.com/essay-help.html">buy essay online</a> <a href="http://www.customessayhelp.com/custom-essay-help.html">custom essays </a>
    <a href="http://www.customessayhelp.com/buy-research-paper.html">buy research paper </a>
    <a href="http://www.customessayhelp.com/analysis-essay.html">analysis essay</a>
    <a href="http://www.customessayhelp.com/prices.html">cheap custom essays</a>
    allcottalmond
  • RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks

    I am delighted that I came upon this blog, I could not discover any information on this topic prior to visiting your post. Thanks God I came across on this blog and found the relevant information.
    <a href="http://www.essayhelppros.com">essay help</a>
    BRIGGSBRENT
  • RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks

    Thank you for this great information, you write very well which i like very much. I am really impressed by your post.
    <a href="http://www.essayhelppros.com/write-my-essay.php">write my essay</a>|
    <a href="http://www.essayhelppros.com/buy-essay.php">buy essay</a>|
    <a href="http://www.essayhelppros.com/essay-writers.php">essay writers</a>
    BRIGGSBRENT
  • RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks

    To the extent that the subject matter is concerned you have chosen a truly fine and hot topic.
    <a href="http://www.assignmentmojo.co.uk/buy-assignments-online/">Buy Assignment</a> <a href="http://www.assignmentmojo.co.uk/assignment-writing-service/">Assignment Writing </a> <a href="http://www.assignmentmojo.co.uk/">Assignment Help</a> <a href="http://www.assignmentmojo.co.uk/statistics-assignment-help/">Statistics Help</a> </a> <a href="http://www.assignmentmojo.co.uk/do-my-assignment/">Pay Someone To Do Your Assignment</a> <a href="http://www.assignmentmojo.co.uk/programming-assignment-help/">Programming Assignment Help</a>
    xenshun