News link:Click me
Adobe’s popular PDF viewer, Adobe Reader, always attracts large amount of hackers who try to exploit its vulnerabilities. Some reports found that Adobe Reader is at the top list for having the most exploits for web-based attacks. Now, the company wants to “turning to sandboxing technology designed to isolate code from other parts of the computer.” A “protected mode” will be added to the Adobe Reader for Windows which will be enabled by default and release later this year. Because of minor attack against Macintosh system, there is no plan to implement this feature to Mac OS yet.
Several changes will be made due to sandbox mechanism. The PDF processing will be confined, such as executing JavaScript, parsing JPEG image etc. Application running in the Adobe Reader will not be able to communicate with the operating system any more. “This is an additional layer of defense that will help protect users in case they encounter a malicious or corrupted PDF.” said Brad Arkin, the director of product security and privacy of Adobe. The new feature could limit the number of exploits, but not all of them. Some attacks like phishing and weak cryptography still exist.
Some experts believe that Sandbox can not prevent code execution vulnerability, but it makes attacks much hard to success. With Sandbox, the attackers need to find vulnerability in both programs, Reader and Sandbox.
