Adobe Reader 11, or XI in Roman numerals, is available from Adobe's site, or I usually get it from their FTP site at ftp://ftp.adobe.com/pub/adobe/reader
For the Windows version, Adobe has improved their sandbox, which was already a real security game-changer in version 10. They've also used ForceASLR to enforce the use of Address Space Layout Randomization on any .DLL that Reader loads, which makes exploitation more difficult.
I installed Reader and disabled Adobe JavaScript as usual. That setting is found by clicking Edit > Preferences, then choosing JavaScript in the Preferences sidebar and unchecking the box, like so:
This feature has historically been abused to launch Flash exploits from PDFs, and I think most of us will not be impacted by having it disabled.
I also hit the Security (Enhanced) panel, and set Reader to always open stuff in Protected View:
This puts extra constraints on PDF content in case it's malicious.
On the topic of security: ASLR works in conjunction with Data Execution Prevention (DEP), so make sure your system's set to enforce DEP on all software (which is not the default setting). An easy way to do that is to install Microsoft EMET and configure it, which I have some guidance on here: http://www.mechbgon.com/build/security2.html#sehop
EMET is an anti-exploitation package with little performance impact, definitely worth having.