Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Submission + - Adobe Toughens Sandbox Security in Reader, Acrobat (securityweek.com)

wiredmikey writes: Adobe has beefed up the security capabilities of its Reader and Acrobat software with a more robust sandbox and new security mitigation features, the company said today.

Adobe Reader XI and Acrobat XI, which shipped this week, include a new whitelisting framework, cryptographic capabilities, and a feature that forces all of the DLL files loaded to use ASLR (Address Space Layout Randomization), even if the files were not originally compiled with ASLR enabled.
The biggest change in Reader and Acrobat XI, however, is in the sandbox. The original sandbox in Reader X focused on "write protection" to prevent attackers from installing malware on to the machine or recording user keystrokes. Reader XI now restricts "read-only activities" to prevent attackers from reading sensitive information.

Adobe said that since they added sandbox protection to Adobe Reader and Acrobat, they have not seen any exploits in the wild that break out of the Adobe Reader and Acrobat X sandboxes.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Adobe Toughens Sandbox Security in Reader, Acrobat

Comments Filter:

interlard - vt., to intersperse; diversify -- Webster's New World Dictionary Of The American Language