Adobe's Reader X Spoils New PDF Attack 72
CWmike writes "Gregg Keizer reports that Adobe's Reader X stymied a recent attack campaign, researchers said Thursday. But they're not sure why. 'I don't want to take anything away from Adobe — after all, a win is a win — but this particular exploit appears to be designed with previous versions of Reader in mind,' said Chris Greamo, who heads the security research lab at Invincea. 'What appears to have happened is that the exploit breaks, but we don't have a good sense if the sandbox was able to contain it.' Reader X, an upgrade issued last year, features a 'sandbox' designed to protect users from PDF exploits. Adobe claimed that a recently-addressed bug in Chrome that lets attackers escape the browser's sandbox was not present in Reader X's sandbox code. Google patched that bug, the first to earn the company's top bug bounty of $3,133, three weeks ago. Adobe said Thursday it will would ship its next regular update for Reader on Tuesday, Feb. 8."
That's just sad. (Score:2, Insightful)
PDF reader... sandbox...
A Document Format that needs a sandbox. I don't have a sandbox around my text editor, nor my PNG viewer, nor my MP3 player... Tell me again, why do we need our document formats to be little programming languages?
Re:That's just sad. (Score:5, Insightful)
PDF reader... sandbox...
A Document Format that needs a sandbox. I don't have a sandbox around my text editor, nor my PNG viewer, nor my MP3 player... Tell me again, why do we need our document formats to be little programming languages?
The problem is Adobe Acrobat Professional, or whatever they call their expensive software for creating PDFs. In order to get people to keep buying new versions they have to keep adding more and more features. Which means that Adobe Reader has to be constantly updated so that it can read PDFs with all those new features. New features equals new bugs and security exploits.
Re:That's just sad. (Score:4, Insightful)
Re:That's just sad. (Score:5, Insightful)
Any program that interprets untrusted information could benefit from a sandbox. While directly it prevents the interpreted code from explicitly accessing outside its bounds, it also protects the system from bugs in the interpreter that could cause the interpreter itself to perform actions outside its environment.
Since you mention PNG, I have seen examples of security patches for PNG and TIFF viewers that addressed security problems because it was possible to execute arbitrary code based on a bug in the viewer's interpretation of the picture data. (usually through overflows)
This came as a surprise to me with TIFF because I thought TIFF was raw uncompressed picture data and that would be immune to interpretation, but that was not the case.