Endpoint Security

Adobe Introduces Adobe Acrobat X With New “Protected Mode”

Adobe today announced its new Acrobat X Family of products, which includes Adobe Reader X as well as Acrobat X Suite, Acrobat X Pro, and Acrobat X Standard. In the new release, Adobe is adding an entirely new security strategy by introducing a new “Protected Mode” in Acrobat Reader. Announced this past summer, Protected Mode utilizes “sandboxing” technology based on Microsoft’s “Practical Windows Sandboxing technique ” – a method of isolating the application from the rest of the operating system and tightly controlling its resources.

SecurityWeek News

October 18, 2010

Acrobat X Protected Mode

Protected Mode will be enabled by default and users will need to take action and “approve” certain actions. According to Brad Arkin at Adobe, if Acrobat Reader needs to perform an action that isn’t permitted in the sandboxed environment, such as writing to the user’s temporary folder or launching an attachment inside a PDF file using an external application, the requests are funneled through a “broker process,” which has a strict set of policies for what is allowed and disallowed to prevent access to dangerous functionality.

Adobe, Microsoft and other third parties have been working closely together on the new sandboxing technology. This past summer, Microsoft and Adobe announced an agreement to collaborate and facilitate advanced information sharing on vulnerabilities via the Microsoft Active Protections Program (MAPP) which Adobe has joined. MAPP is a collaborative effort involving 65 global members that facilitates the sharing of product vulnerabilities with security software providers.

“Adobe Reader Protected Mode represents an exciting new advancement in attack mitigation. Even if an exploitable security vulnerability is found by an attacker, Adobe Reader Protected Mode will help prevent the attacker from writing files, changing registry keys or installing malware on potential victims’ computers,” said Brad Arkin in a blog post when the feature was first announced.

Acrobat X is scheduled to ship within 30 days and Acrobat Reader X will be available online sometime in November.

Brad Arkin talks about the new security features of Adobe Acrobat X Below.

Written By SecurityWeek News

Latest News

Click to comment

Mapping Threat Intelligence to the NIST Compliance Framework Part 2

How threat intelligence is critical when justifying budget for GRC personnel, and for threat intelligence, incident response, security operations and CISO buyers.

Landon Winkelvoss

Password Dependency: How to Break the Cycle

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the password dependency cycle. But how can this be done?

Torsten George

Why CISOs Make Great Board Members

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make for successful board members.

Galina Antova

A Change in Mindset: From a Threat-based to Risk-based Approach to Security

A threat-based approach to security often focuses on a checklist to meet industry requirements but overlooked the key component of security: reducing risk.

Marie Hattar