I’ve been pretty brutal with my opinions on Adobes security posture lately (an opinion that is far from unique in our industry). However, recent releases of PDF reader give me hope for the future.
http://blogs.adobe.com/asset/2010/10/inside-adobe-reader-protected-mode-part-1-design.html http://blogs.adobe.com/asset/2010/10/inside-adobe-reader-protected-mode-%E2%80%93-part-2-%E2%80%93-the-sandbox-process.html I think this bodes very well. Does flash offer the same kind of protection, and if not, will we see this protection in the future? Is this a big of a deal as I think it is? Will protected mode really reduce the risk of malformed PDF attacks as significantly as it appears? Thanks and Cheers, Jim
_______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________