Adobe to Make PDF Viewer More Secure with Sandboxing

Posted 07/20/2010 at 10:53pm | by Pulkit Chandna

2

Comments

Print

Adobe is no stranger to criticism. The company has consistently drawn flak for its piss poor security track record. In fact, it would be reasonable to believe that Adobe is inured to the constant castigation.

But it now seems to be making more serious efforts to plug the many holes in its software. Back in April, it introduced an automatic updater for its Acrobat and Reader products, giving it the ability to tackle critical security issues speedily. And now it has turned its focus to “sandboxing,” a security mechanism that involves running the concerned software in an isolated environment - the sandbox.

The next version of its free Reader PDF viewer for Windows will be bolstered by the use of sandboxing, the San Jose-based company has announced. "With sandboxing, anyone who encounters a malicious PDF will find that a successful exploit is kept within the sandbox,” said Brad Arkin, Adobe's director of security and privacy.

Initially, the new feature, dubbed “Protected Mode, will only be used to sandbox “write calls.” But a subsequent update will also help stave off exploit code that tries to copy sensitive information from the user’s machine. "In the first release, everything that is involved in rendering a PDF has to happen within the sandbox.”

Adobe expects to have the next version of Reader ready before the end of the year.