Adobe Reader X is here. Adobe announced earlier this year that it was working on a more secure version of its ubiquitous PDF reading software, Adobe Reader. The new version includes Protected Mode, a sandboxing security control designed to prevent malware exploits against the application.
An Adobe Secure Software Engineering Team (ASSET) blog post proclaims, “Over the last few months, the Adobe Reader engineering team together with the Adobe Secure Software Engineering Team, partners in the software development community such as the Microsoft Office security team and the Chrome team at Google, as well as customers, third-party consultancies in the security community, and other external stakeholders were hard at work to help ensure the sandbox implementation was as robust as possible.
The new version is also available for Mac OS X and Android, but those editions lack the sandbox.
The sandboxing concept is not unique to Adobe. As Adobe points out above, Microsoft, Google, and others have already built sandboxing security controls into products. The software sandbox is like a temporary holding area where processes are allowed to run, but can’t impact the core functionality of Adobe Reader or the rest of the PC. Malicious processes can then be sifted out, and legitimate processes can be allowed to run unhindered.
Adobe engineer Kyle Randolph describes the challenging balancing act of developing a functional sandbox. “A perfect sandbox is akin to the perfectly secure computer–the “…one buried in concrete, with the power turned off and the network cable cut.” A sandbox is distinguished by the restrictions it places on a piece of running code. Software, on the other hand, is evaluated based on its usefulness. Balancing these competing goods – preventing bad software from doing bad things, while allowing good software to be useful–is the impossible challenge the sandbox engineer faces.”
Protected Mode may take some of the patching pressure off Adobe, which has had to scramble several times this year to fix flaws being used by criminals. Just two days ago, Adobe rolled out patches for a pair of vulnerabilities, one of which had been exploited for at least three weeks.
Tuesday’s update was the seventh this year and the sixth time in 2010 that Adobe has either issued an “out-of-band” emergency fix or moved up a regularly-scheduled patch day.
Sandboxing is not a perfect solution, though. It is another security control, providing another layer of protection, and preventing many attacks–but don’t assume Adobe Reader is now invulnerable. Adobe explains, “Adobe Reader Protected Mode represents an exciting new advancement in mitigating the impact of attempted attacks. While sandboxing is not a security silver bullet, it provides a strong additional level of defense against attacks. Even if exploitable security vulnerabilities are found by an attacker, Adobe Reader Protected Mode will help prevent the attacker from writing files or installing malware on potential victims’ computers.”
Adobe Reader Protected Mode is built on the foundation of the Windows security model and the protection it provides. An attacker that finds an exploitable weakness in the Windows operating system may be able to use that flaw to develop an attack that uses PDF files and Adobe Reader as an attack vector.
Don’t get me wrong. Adobe Reader X should be a significant improvement over previous versions of Adobe Reader when it comes to security. I commend Adobe for taking steps and investing resources to develop a more secure version of the popular product.
By all means, download Adobe Reader X and start using it today. Just don’t let that be an excuse for letting your guard down.
With notes from Gregg Keizer.