Threat Level: green Handler on Duty: Manuel Pelaez

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Adobe Reader X - Sandbox

Published: 2010-11-19
Last Updated: 2010-11-19 17:45:42 UTC
by Jason Lam (Version: 2)
9 comment(s)

Adobe released the Reader X version today. This is the version of Reader that has sandbox feature built-in, there is now a degree of separation between the OS and the potentially malicious PDF files. The same sandbox mechanism had been implemented in Google Chrome and also MS Office. Containment of the harmful files lessen the damage should a successful attack were to happen. Given the amount of 0-day attacks on this software, we recommend our readers on Windows platform to upgrade to this version of Reader soon to leverage the sandbox technologies. While it does not prevent all exploitation, every little bit helps.

Adobe has written a series of blog entries explaining the sandbox mechanism. A good read if you are curious how it helps to protect against attacks.

9 comment(s)
Diary Archives