Threat Level: green Handler on Duty: Tom Webb

SANS ISC: Adobe Reader X - Sandbox - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe Reader X - Sandbox

Adobe released the Reader X version today. This is the version of Reader that has sandbox feature built-in, there is now a degree of separation between the OS and the potentially malicious PDF files. The same sandbox mechanism had been implemented in Google Chrome and also MS Office. Containment of the harmful files lessen the damage should a successful attack were to happen. Given the amount of 0-day attacks on this software, we recommend our readers on Windows platform to upgrade to this version of Reader soon to leverage the sandbox technologies. While it does not prevent all exploitation, every little bit helps.

Adobe has written a series of blog entries explaining the sandbox mechanism. A good read if you are curious how it helps to protect against attacks.

Jason

93 Posts
ISC Handler
Direct download is here: ftp://ftp.adobe.com/pub/adobe/reader/win/10.x/10.0.0/en_US/AdbeRdr1000_en_US.exe
Anonymous
Unfortunately Adobe Reader X protected mode does not work with Symantec Endpoint Protection Network Threat Protection module. Hopefully that is fixed soon.
Shawn

29 Posts
Would you please elaborate? What does "does not work" mean? I don't understand how the two are in any way related. We're using SEP 11.6001.
Anonymous
Adobe has published the following document to describe limitations of protected mode including known conflicts with some a/v software such as SEP.
http://kb2.adobe.com/cps/860/cpsid_86063.html#main_antivirus
Anonymous
Thanks. I guess I don't have to worry about SEP issues when the thing won't run on a Citrix server. :-(

We're still using v8 because Adobe removed MDI in v9 and now vX. We have a half dozen docs open at a time and with Adobe Reader launching a new instance for each doc and splattering them all over the monitor we simply cannot use the newer versions. If anyone knows of a good replacement that still has MDI and can use FDF files, we'd sure like to know.
Anonymous
Anyone find a way to customize the install yet?
The Adobe Customization Wizard 9 does not work with it, and I don't see a newer version...
Without that, deploying with GPO is going to be almost non-possible.
Anonymous
Althornin, have a look at Orca which is part of the Windows SDK Components for Windows Installer Developers (free from Microsoft). You have to get your hands a little dirtier than with the customization wizard, but it works well for generating transforms for any MSI based installer.
James

12 Posts
JJ: Have a look at the PDF-XChange Viewer (http://www.tracker-software.com/product/pdf-xchange-viewer). It has a MDI interface and is usually faster than Acrobat Reader.
Philipp Brenner

2 Posts
The Customisation Wizard is supposed to come in mid-december (maybe 6th or 15th), as rumours on the Adobe Reader Support Forum say. http://forums.adobe.com/thread/754466
daem0n647

6 Posts

Sign Up for Free or Log In to start participating in the conversation!