Adobe Launches Sandboxed Reader X

CWmike writes "Adobe on Wednesday released Reader X, the next version of its popular software that includes a 'sandbox' designed to protect users from PDF attacks. Protected Mode is Adobe's response to experts' demands that the company beef up the security of Reader, which is aggressively targeted by attackers. Calling the sandbox a 'new advancement' in protective measures, Brad Arkin, Adobe's director of security and privacy, admitted it will not stymie every attack. But he argued it will help. 'Even if exploitable security vulnerabilities are found by an attacker, Adobe Reader Protected Mode will help prevent the attacker from writing files or installing malware on potential victims' computers,' Arkin said in a post to a company blog late on Thursday."

Adobe Reader, now even slower!

[RingDev]

I mean really, Adobe Reader has become one of the worst PDF readers available. It's slow. It hangs the browser. It's constantly getting attacked. And it's a total pain to keep it updated.

Just get Foxit and be done with it. It's light weight, doesn't hang browsers while opening large PDFs, has a SIGNIFICANTLY better search interface, and so far hasn't been subject to any major attacks/flaws.

-Rick

er, wat?

[Entropius]

Evince works just fine here!

Re:Air taggs along.

[ShakingSpirit]

Though it's not linked anywhere, cut-down installs of Adobe Reader can always be obtained from http://get.adobe.com/uk/reader/enterprise/ [adobe.com]

FTP Links

[Anonymous Coward]

ftp://ftp.adobe.com/pub/adobe/reader/win/10.x/10.0.0/ [adobe.com]

A few language options available, and EXE or MSI format.

Re:The OS should provide the option to sandbox too

[humphrm]

There are security / firewall products out there for Windows that do just that, sandbox applications. I won't shill any, but there are free (as in beer) products too.

I only mention Windows because it's trivially easy to sandbox apps in just about any other OS.

For Windows & *NIX variants? You can...

[Anonymous Coward]

For Windows, you can use a FREE program called "SandBoxie" (and it's NOT just for webbrowsers, it can sandbox any Ring3/RPL3/UserMode app) http://www.sandboxie.com/index.php?DownloadSandboxie [sandboxie.com] , and on *NIX's you can use chroot (of course) & create a chroot jail.

APK

Re:Adobe Reader, now even slower!

[Spad]

and so far hasn't been subject to any major attacks/flaws.

Sadly not true; it was vulnerable to the /launch "vulnerability/feature" as well as a couple [secunia.com] of others [secunia.com]. Even Sumatra has had one [secunia.com].

Re:Adobe Reader, now even slower!

[EvilMonkeySlayer]

Foxit is fine for home assuming you remember to correctly untick all the adware options. But in a work environment (I work at a printers) on average i'd say Foxit incorrectly renders PDFs about 5% of the time, leading to support calls whereas Adobe Readers incorrect rendering is pretty non-existent. (I actually tried switching work over to Foxit a while ago, nothing but support hassle from incorrectly rendered PDFs)

I'm not defending Adobe here because I think their reader is a bloated pos, but if you're going to recommend a third party PDF viewer then Sumatra is the best, it's light weight, loads damn near instantly and doesn't include a JS engine side stepping a lot of security issues.

Also, on the major attacks/flaws thing. Actually Foxit has had some seriously bad security issues, you need only google for "foxit reader security holes" or look on explot-db [exploit-db.com] to see them.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Adobe Reader, now even slower!

[yuhong]

Or use it because it is patched faster.

Re:Adbode pdf browser plugin

[Anonymous Coward]

What does it have to do with Internet Explorer? It was Mozilla that came up with the browser plug-in concept and introduced NPAPI with Netscape 2.0 specifically to allow this. That same plug-in API is still used in Firefox, Safari, Chrome and Opera. That predates the integration of ActiveX (or NPAPI) in Internet Explorer.

Just installed it on my Mac...

[proxy318]

"Installing this program will take up 415.8 MB of space". Seriously? WTF Adobe, this reads PDFs AND DOESN'T DO ANYTHING ELSE, are you trying to make it as bloated as possible?

Re:Alternatives

[Gorphrim]

Ok now I'm being a Foxit shill lol But when you say Foxit "honestly...isn't much better" than Adobe Reader, well that is just way wrong IMHO. The bloat of Reader is incomparable.

Re:The OS should provide the option to sandbox too

[LordLimecat]

I ahhhh hate to break the news to ya McGrew, but actually repairing Windows PCs for a living I can tell you the vast majority of Windows infections post XP SP2 is PEBKAC related.

Hate to break it to YOU, but also doing IT work for a living-- dealing with top to bottom (helpdesk up to routers / firewalls), I can tell you thats a techie cop-out. The VAST (and I mean VAST) majority of infections come from out of date browsers and plugins with gaping vulnerabilities. I ask each and every infected customer to relate what they were doing prior to infection, and verify their claims with browser history and temp file. I see 2, maybe 3 per year that were honest-to-goodness "downloaded and ran cheeseburger.exe" exploits; all the rest went thru Acrobat or Flash or Java (1.5 FTW) or Quicktime or thru an out of date browser.

Switch your common offenders to Google Chrome, turn off all non-native plugins, enable the Chrome PDF and Flash native plugins, and THEN see how many infections you get (as chrome forcefully auto-updates all 3). I think you will be suprised.

Re:Adbode pdf browser plugin

[Ripsaw]

It's trivial to set Adobe Reader to open outside the browser. Just clear the "Display PDF in browser" check box on the "Internet" panel of the preferences.