Welcome to WebmasterWorld Guest from 54.159.19.75

Forum Moderators: phranque

Message Too Old, No Replies

Adobe to beef up PDF security with Reader sandboxing

     
2:48 am on Jul 23, 2010 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Oct 12, 2000
posts:14487
votes: 49


If they do this I might feel safe recommending Adobe Reader again!

Adobe to beef up PDF security with Reader sandboxing [computerworld.com]

Adobe Systems Inc. today announced that it will harden the next version of its popular Reader PDF viewer, a frequent target of attacks, by adding "sandboxing" technology to the software.

Sandboxing, perhaps best known for its use in Google Inc.'s Chrome browser, isolates processes from one another and the rest of the machine, preventing or hindering malicious code from escaping an application to wreak havoc or infect the computer.

Previously, security experts had said that sandboxing Reader would be a smart move by Adobe as it struggled to lock down the program and prevent vulnerabilities from being exploited by hackers.

According to Brad Arkin, Adobe's director of security and privacy, sandboxing will be added to the next major Windows upgrade to Reader, Version 10, before the end of the year.
5:19 am on July 25, 2010 (gmt 0)

Senior Member from KZ 

WebmasterWorld Senior Member lammert is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 10, 2005
posts:2886
votes: 1


It's a good move that a software provider tries to stop abuse of its software by design, instead of fixing holes after they have been identified. But I would rather see the whole concept of sandboxing and isolating processes and authorizations to be implemented at the operating system level rather than the application level.