Scheduled for inclusion in the next major version release of Adobe Reader, Protected Mode is a sandboxing technology based on Microsoft’s Practical Windows Sandboxing technique. It is similar to the Google Chrome sandbox and Microsoft Office 2010 Protected Viewing Mode.
Brad Arkin, Adobe’s senior director of product security and privacy said:
“With Adobe Reader Protected Mode enabled (it will be by default), all operations required by Adobe Reader to display the PDF file to the user are run in a very restricted manner inside a confined environment, the ’sandbox,’”
Reader and all plugins code will run in the sandbox. The actions such as writing to a user’s temporary folder are not permitted. Malicious code sneaks onto a computer by successfully exploiting a hole in Adobe reader be contained within the sandbox. Arkin said,
“Even if an attacker is able to take over Adobe Reader you’ll be protected,”
Because the vast majority of Adobe Reader downloads and exploits are on Windows, Adobe’s sandbox is Windows-only and will initially be limited to blocking write operations, there are no plans to add this feature to the version for Mac.
The sandboxing approaches that Microsoft has pioneered in Office, including the sandbox for its search subsystem, the MOICE sandbox, and Protected View, are there to improve the overall state of security on Windows. Adobe has been working closely with the Microsoft Office security team — Microsoft’s and Adobe’s products compete on many fronts, but it makes sense for Redmond to help its partners in the area of security.
Of course, it won’t be effective for users who don’t upgrade even if Adobe is successful in developing a rock-solid sandbox for Reader, so automatic updating is considered to promote better security than manual updating.
In fact, it has been understood for a long time now that allowing remote code execution is dangerous, Adobe Reader, Acrobat and Flash are all known to create additional vulnerabilities when you install them on your system. If you don’t want to wait for the Adobe Protected Mode, the products such as FoxIt Reader and Nuance PDF Reader with similar security contorls are available for windows users.
Anyway, as what Arkin said:
“It’s an exciting new step, but it’s not the security cure-all that will fix all problems forevermore,”