Adobe Systems, creator of the PDF format, has released Adobe Reader X, the 10th version of its ubiquitous PDF viewing software.
The major theme in Reader X is security (for Windows at least). Back in July Adobe’s Secure Software Engineering Team (ASSET) began blogging about a new Protected Mode (sandbox) feature which it was working on for the Reader X release and it has now delivered.
The new Protected Mode feature uses a sandbox architecture in Reader X for Windows. Adobe’s Kyle Randolph explains more on the ASSET blog:
‘A sandbox is a security mechanism used to run an application in a confined execution environment in which certain functions (such as installing or deleting files, or modifying system information) are prohibited. In Adobe Reader, ‘sandboxing’ (also known as ‘Protected Mode’) adds an additional layer of defense by containing malicious code inside PDF files within the Adobe Reader sandbox and preventing elevated privilege execution on the user’s system.’
Currently, the sandbox feature is only available in Reader X for Windows, the most vulnerable product of Adobe’s Acrobat and Reader family, due to its overwhelming installation base and the fact that most of the malicious PDF files have been targeting exploits in Adobe Reader on Windows.
The flow of reported exploits in the PDF format and number of malicious PDF files arriving in email inboxes has been steady for a number of years now, so this feature will be welcomed with open arms by Adobe Reader users all around the world. Despite this, Adobe Acrobat and Adobe Reader (Mac) users might be asking themselves why they’ve been left out in the cold, considering they’re susceptible to malicious PDF files as well (last week a critical flaw in the way PDF files handle Flash components was fixed in an unscheduled minor release of Reader 9.4.1).
So, what are you waiting for? Download Adobe Reader X now and get yourself protected.