Finally! A sandbox for Adobe Reader

A little more than a year ago, Adobe announced their Adobe Reader and Acrobat security initiative, which would focus on code hardening, incident response process improvements, and a shift to a regular security update schedule.

As a part of this initiative, Brad Arkin of the Adobe Secure Software Engineering Team announced another big change – Adobe Reader is getting a “sandbox” environment that goes by the name of Adobe Reader Protected Mode.

“Scheduled for inclusion in the next major version release of Adobe Reader, Protected Mode is a sandboxing technology based on Microsoft’s Practical Windows Sandboxing technique. It is similar to the Google Chrome sandbox and Microsoft Office 2010 Protected Viewing Mode,” says Arkin.

“With Adobe Reader Protected Mode enabled (it will be by default), all operations required by Adobe Reader to display the PDF file to the user are run in a very restricted manner inside a confined environment, the “sandbox.” Should Adobe Reader need to perform an action that is not permitted in the sandboxed environment, such as writing to the user’s temporary folder or launching an attachment inside a PDF file using an external application (e.g. Microsoft Word), those requests are funneled through a “broker process,” which has a strict set of policies for what is allowed and disallowed to prevent access to dangerous functionality.”

The implementation of the Protected Mode will be executed in two phases. The first new release will sandbox all “write” calls on Windows 7, Vista, XP, Server 2008 and Server 2003 – so that exploits aimed at installing malware or changing the registry or the file system are blocked. Future releases will have the sandbox extended to include read-only activities so that attackers can’t read information contained on the computer.