Adobe has become the whipping boy for many security pundits over the last 24 months, but today they have made the most public move to change that opinion since announcing a new security strategy in May 2009. Brad Arkin their Senior Director, Product Security & Privacy made a blog post today announcing Adobe Reader Protected Mode.
In a nutshell Adobe's next major release of Reader will default to using a sandbox method of isolating Adobe Reader from modifying your computer if a vulnerability is exploited. I must say I am disappointed that we are not getting this now, but it is great news to see Adobe taking a progressive step to stop malware writers from using its large foothold on our desktops to their advantage.
In his blog Brad mentioned that his team has been working with the Microsoft Office 2010 team and the Google Chrome team to develop this release. These are two of the most successful sandbox implementations currently in widespread use. Neither have a perfect track record, but this implies Adobe can learn from the lessons Microsoft and Google have already paid the price for.
A date for the release has not yet been set, but you can count on plenty of coverage from Sophos when it becomes available. Here's to hoping they implement a similar technique for Adobe Flash leaving all of us a whole lot more secure.
Creative commons of sandbox photo courtesy of 86/365's Flickr photostream (Adobe logo added by me).
