Sophos Cloud Optix
The much awaited Adobe Reader X was made available today at http://get.adobe.com/reader for OS X and Windows platforms.
Paul Ducklin wrote about the release of Adobe Acrobat X a few days ago and shared his confusion over the way Adobe has managed the release of Reader/Acrobat and his concern at the very large size of the current codebase. The Mac version weighs in at just under 70 megabytes (415MB on disk), while the Windows version is 35 megabytes (105MB on disk).
While more lines of code certainly leaves more room for error, Reader X does include Adobe’s latest efforts to thwart attackers through the use of a write-blocking sandbox. This means that when you open a PDF file that may try to exploit a vulnerability in Reader X it will be unable to write any files to your hard disk which will help prevent malware from installing itself on your computer.
Although Reader X is available for OS X, the sandbox technology is only implemented on the Windows platform. This doesn’t mean Mac users shouldn’t consider updating to the latest release, however they will not benefit from the enhanced safety provided by the sandbox.
Sandboxing has had a spotty track record. Oracle Java is the most well known implementation of a sandboxed application environment and has been plagued by security flaws. Microsoft Office 2010 and Google Chrome on the other hand share a heritage with Adobe’s implementation and have demonstrated improved security over their non-sandboxed counterparts.
Bottom line? If you are an Adobe Reader user or administrator I recommend rolling out Reader X as a precautionary measure. The next attack against Reader may be right around the corner and it presents your best defense against malicious PDF files.
The Adobe DLM is getting extremely annoying. A download manager might have made sense ten years ago, but with wide-spread broadband access, it doesn't make sense any more. Why should we be forced to download and install a specialised download manager simply to download and install the software we actually want?
Thankfully they haven't extended this horrendous bit of software to Google Chrome yet, so it is possible to bypass the DLM and simply download the software directly:
http://get.adobe.com/reader/completion/?installer…
Other post-installation tasks:
* Check the Adobe Reader security settings, which will all have been reset to the insecure defaults;
* Remove the "Adobe Reader Speed Launcher" auto-run entry (unless you only ever use your PC to read PDFs);
Yep, remove speed launcher from startup.
Only need/want a PDF reader.
So after install- uninstall the DLM & AIR.
The sandboxing only protects from exploits of Reader X itself?
or there's enough common code with older versions, and they won't catch?
…so need to upgrade
You can always get it from ftp.adobe.com to avoid the download manager mess.
ftp://ftp.adobe.com/pub/adobe/reader/win/10.x/10.0.0/en_US/