Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks
Summary: The next major version of Adobe's PDF Reader will feature new sandboxing technology aimed at curbing a surge in malicious hacker attacks
The next major version of Adobe's PDF Reader will feature new sandboxing technology aimed at curbing a surge in malicious hacker attacks against the widely deployed software.
The security feature, called "Protected Mode," is similar to the Google Chrome sandbox and Microsoft Office 2010 Protected Viewing Mode, according to Adobe's security chief Brad Arkin.
In an interview, Arkin said the sandbox is scheduled for release before the end of this year and is based on Microsoft's Practical Windows Sandboxing technique. The sandbox will be turned on by default and will display all operations in a PDF file in a very restricted manner.
"Should Adobe Reader need to perform an action that is not permitted in the sandboxed environment, such as writing to the user’s temporary folder or launching an attachment inside a PDF file using an external application (e.g. Microsoft Word), those requests are funneled through a “broker process,” which has a strict set of policies for what is allowed and disallowed to prevent access to dangerous functionality," Arkin explained.
[ SEE: ZoneAlarm ForceField puts browser in a sandbox ]
The first sandbox implementation will isolate all “write” calls on Windows 7, Windows Vista, Windows XP, Windows Server 2008, and Windows Server 2003. Arkin believes this will mitigate the risk of exploits seeking to install malware on the user’s computer or otherwise change the computer’s file system or registry.The sandbox will not be backported to older versions of Adobe Reader.
In a future dot-release, the company plans to extend the sandbox to include read-only activities to protect against attackers seeking to read sensitive information on the user’s computer.
"This will help us protect against most of the attacks we're seeing today. The attacker will end up in a sandbox and will need a second attack to escape to do [dangerous things]." Arkin said.
Arkin made it clear that sandboxes are not guaranteed bulletproof perfect. It will not protect users against all types of security attacks such as phishing, clickjacking, weak cryptography or unauthorized network access.
However, this is a significant defense-in-depth addition that makes it much harder (and expensive) for an attacker to successfully launch attacks using vulnerabilities in Adobe Reader.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
Any sign of when Adobe disappears
The broker process...
...would only run when Adobe was running. As it uses so much memory at the moment I doubt people will notice the difference!
Not even that
The broker process will (if anything like IEs broker process) only run when it is needed. On top of that (if designed correctly) it's functionality will be severely limited - something like saving/retrieving files, so it will be small.
RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks
Why is it total trash when it's rather lightweight and designed to protect you from getting viruses? I don't get it. I think it's a great idea.
<a href="http://www.gainmuscleandloseweight.com/vince-delmonte-review/">no nonsense muscle building download</a>
Wasn't it one of Adobe's broker processes that allowed Vista to fall...
Yes
Yes, Flash is sandboxed (when running in IE - not in Firefox or Chrome). But for whatever reason Adobe had designed their own broker process (instead of using the IE supplied one) - which furthermore had the capability <i>to launch arbitrary programs</i>. Go figure. A bug in this broker process combined with a Java bug was what was used in pwn2own.
The real shame
It's too bad were incapable of handing out more severe retributive measures against punks and criminals rings involved in netcrime and malware distribution. The seminal days of such acts being relatively benign and mostly for bragging rights are long over. A mailed fist needs to descend on these criminal enterprises, but as a collective were too soft and globally unorganized to do what is necessary.
In the meantime, this never ending story continues with everyone wasting time, hard earned money and shrinking assets so the growing miscreant base can noodle and extort to their heart's content.
RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks
<a href="http://www.puretermpapers.com/termpaper/help.asp">Term Paper Help</a>
<a href="http://www.pureessays.com/">Essay Help</a>
RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks
<a href="http://www.puredissertation.com/">Dissertation Help</a>
RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks
Bloated? What do you mean bloated?
RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks
I Sandboxie my whole firefox stack
Foxit Reader is nice. I use it too, but still run everything under Sandboxie. I get the best of all worlds.
RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks
I think a lot of the programs now are... It's to protect us from all these fraudulent programs/scripts running rampant in the web. If you just want basic functionality, then i'd guess you're better off with the very first release and foregoing all the security benefits of all the "bloated" ones.
<a rel="dofollow" href="http://www.gettingmyexbacktips.com/pdf-ebook-reviews/pull-your-ex-back-review/">buy pull your ex back</a>
RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks
RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks
<a href="http://www.yuregininsesi.com">sesli sohbet</a> <a href="http://www.yuregininsesi.com">sesli chat</a>
good one
<a href="http://www.customessayhelp.com/essay-help.html">buy essay online</a> <a href="http://www.customessayhelp.com/custom-essay-help.html">custom essays </a>
<a href="http://www.customessayhelp.com/buy-research-paper.html">buy research paper </a>
<a href="http://www.customessayhelp.com/analysis-essay.html">analysis essay</a>
<a href="http://www.customessayhelp.com/prices.html">cheap custom essays</a>
RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks
<a href="http://www.essayhelppros.com">essay help</a>
RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks
<a href="http://www.essayhelppros.com/write-my-essay.php">write my essay</a>|
<a href="http://www.essayhelppros.com/buy-essay.php">buy essay</a>|
<a href="http://www.essayhelppros.com/essay-writers.php">essay writers</a>
RE: Adobe adding 'sandbox' to PDF Reader to ward off hacker attacks
<a href="http://www.assignmentmojo.co.uk/buy-assignments-online/">Buy Assignment</a> <a href="http://www.assignmentmojo.co.uk/assignment-writing-service/">Assignment Writing </a> <a href="http://www.assignmentmojo.co.uk/">Assignment Help</a> <a href="http://www.assignmentmojo.co.uk/statistics-assignment-help/">Statistics Help</a> </a> <a href="http://www.assignmentmojo.co.uk/do-my-assignment/">Pay Someone To Do Your Assignment</a> <a href="http://www.assignmentmojo.co.uk/programming-assignment-help/">Programming Assignment Help</a>