The focus of this entry is on Windows-specific features that make the sandbox possible. Any attempt to implement these capabilities on other operating systems would require a completely different approach. Going Windows-specific in this case makes perfect sense, since the real-world threats are basically all on Windows.
The approach follows the guidelines in the Practical Windows Sandboxing series by Microsoft’s David LeBlanc (part 1, part 2, part 3), as did Google’s Chrome web browser. Adobe goes on to thank LeBlanc and Nicolas Sylvain of the Google Chrome team for their help in building the sandbox.
I won’t go into the specific features. Read the Adobe blog for them. It is worth noting that Adobe considered one measure recommended by LeBlanc, namely running the application in a separate desktop, but decided not to use it because the required changes to the Reader/Acrobat architecture would be too extensive. This somewhat limits the available attack mitigations, especially with regard to screen scraping attacks, but not extensively.
It doesn’t go into the same level of detail, but below is a video from Adobe’s Brad Arkin in which he discusses Adobe’s security strategy in broad terms.