In case you’ve not read Adobe’s announcement: Adobe Reader X is out. Use Adobe’s FTP server if you want to avoid their download manager.
Protected Mode Adobe Reader comes with a sandbox (like Internet Explorer, Microsoft Office 2010, Google Chrome) designed to prevent malware from writing to important system components.
If you’re interested in the design details of the sandbox, I recommend Kyle Randolph’s excellent series of posts.
To benefit the most of Adobe Reader’s sandbox, you need to use a Windows version that supports integrity levels (Windows Vista or later). Windows XP will not offer you this protection.
And don’t become complacent about patching your sandboxed applications. Because if there exists a vulnerability that allows one to escape from a sandboxed application, say in IE7, then one can use this vulnerability to escape from other sandboxes, like Adobe Reader X, based on the same low integrity level design.
Quickpost info
Source: Didier Stevens
Related Posts
- Adobe updates Reader and Acrobat
A little earlier as announced, Adobe released updated versions of Adobe Acrobat and Reader. These programs were vulnerable to the Flash Player zero-day-vulnerability as well, which was fixed last week... - New Zero-Day Attack in Adobe Products (CVE-2011-0611)
Last month, Adobe had released a security advisory and a product update about a critical flaw affecting Flash Player versions and a vulnerable component, authplay.dll, of Adobe Reader and Acrobat that... - Zero-Day Vulnerability in Adobe Flash Player, Reader and Acrobat
Adobe released a security advisory in which it warns from a zero-day vulnerability within current version of Adobe Flash Player, Reader and Acrobat. Affected are Flash Player 10.2.153.1 and earlier ve... - Download Adobe Reader 10 Alternative scam
MX Lab reported earlier on regarding a malicious spam campaign regarding an offer to download and buy PDF Reader/Writer for Windows and Mac in the articles Malicious spam campaign regarding Adobe Ac... - Adobe Patches (shockwave, Flash, Reader & Coldfusion), (Wed, Feb 9th)
Just to add to the list of patches released: (thanks Frank, Ric, Jack):
APSB11-01Security update available for Shockwave Player
APSB11-02Security update available for Adobe Flash Player
A... - Adobe Reader 9.4.2 and 10.0.1 Updates are out , (Tue, Feb 8th)
Adobe released updates for Reader for 9.4.2 and 10.0.1. While this page on Adobe's site doesn't actually list them correctly, if you drill down into the actual product and OS, you'll see the updates l... - Update: Researchers unsure why Adobe Reader X spoiled new PDF attack
Adobe's Reader X, last year's upgrade that features a "sandbox" designed to protect users from PDF exploits, stymied a recent attack campaign, researchers said.
Full story: Network World on Securi... - SW Adobe to Update Reader and Acrobat on Patch Tuesday
Next Tuesday, on their regularly-scheduled quarterly Acrobat Patch Tuesday, Adobe will release security updates for all Windows and Mac Acrobat and Reader versions. Updates for the UNIX vers... - Adobe Reader X stops malicious PDF spam campaign dead in its tracks
A new malicious spam campaign underlines the security benefits of upgrading to the latest version of Adobe Reader - Adobe Reader X.
SophosLabs are currently seeing reports of a low-level attack, spamm... - Adobe Releases Sandbox-Protected Reader X
Last week Adobe released the next generation of Adobe Acrobat and new versions of Reader to go along with them, Adobe Reader X, specifically the Windows version, raises the bar for attackers...
Posted on 20 November 2010. Tags: Adobe, Quickpost, reader
