Adobe Reader and Acrobat X (10.0.1), 9.4.2 and 8.2.6
Today, we announced the availability of Adobe Reader and Acrobat X (10.0.1), 9.4.2 and 8.2.6. While addressing critical vulnerabilities, as mentioned in Security Bulletin APSB11-03, it is important to note that the risk for Adobe Reader X users is significantly lower, as all of the vulnerabilities are mitigated by Protected Mode in this latest version.
Adobe Reader Protected Mode
If you recall, we talked about a concept called ‘sandboxing’ – introduced in Adobe Reader X in November. Highly respected by security professionals, sandboxing is a method of creating a confined execution environment for running programs with low rights or privileges. Sandboxes protect users’ systems from being harmed by untrusted documents that contain executable code. In the context of Adobe Reader, the untrusted content is any PDF file and the processes it invokes. Adobe Reader X treats all PDF documents as potentially corrupt and confines all processing to the sandbox.
Specifically, to protect you and your organization from malicious code that attempts to use PDF files to write to a computer’s file system, Adobe provides an implementation of sandboxing technology called Protected Mode. Enabled by default whenever you launch Adobe Reader X, Protected Mode helps prevent attackers from installing malware on a user’s system, thereby reducing the risk of potential security threats. Protected Mode limits the level of access granted to the program, safeguarding systems running the Windows operating system from malicious PDF files that might attempt to write to the computer’s file system, delete files, or otherwise modify system information.
More Information on Protected Mode?
Check out this new white paper that dives deep into sandboxing and other security features, and how the Acrobat X family of products takes the security of PDF documents and data to a new level.
Steve Gottwals, Group Product Manager, Adobe Reader