Adobe Systems Inc. has launched a new protected mode for its highly ubiquitous Flash Player that could thwart attackers from targeting flaws in the browser component in Mozilla Firefox.
Sandboxing technology has proven very effective in protecting users by increasing the cost and complexity of authoring effective exploit.
Peleus Uhley, platform security strategist, Adobe Systems Inc.
A beta version of Flash Player sandbox for the Firefox browser was released this week. The protected mode is currently available for users of Google Chrome. It is designed to isolate Flash Player from sensitive processes, making it more difficult for attackers to target Flash vulnerabilities, using Flash Player as a stepping stone to gain access to critical processes or data.
Adobe Flash Player Protected Mode for Firefox 4.0 or later will be supported on both Windows Vista and Windows 7.
“Sandboxing technology has proven very effective in protecting users by increasing the cost and complexity of authoring effective exploits,” wrote Peleus Uhley, platform security strategist at Adobe. “For Flash Player, this is the next evolutionary step in protecting our customers.”
While Adobe touts the benefits of sandboxing, so far there has been little evidence that it has helped defend against attacks. Flash and Adobe Reader and Acrobat remain the most targeted software by attackers. Uhley said Flash Player protected mode forces it to run as “a low integrity, highly restricted process that must communicate through a broker to limit its privileged activities.” Adobe engineers worked closely with Firefox developers to create the new sandbox mode.
Engineers also worked closely with Google to develop a sandbox version of Flash Player for the Chrome Browser. That version of Flash Player is supported for users of Windows XP.
Adobe began rolling out “protected mode” for Adobe Reader and Flash Player in 2010. Adobe Reader X was created in response to an increased focus by attackers in targeting zero-day flaws in the software. While sandboxing technology won't stop all attacks, it does provide an additional layer of defense and makes attacks more difficult to pull off. Last year, researcher Billy Rios demonstrated a way to bypass Flash Player sandboxing.
The company has been increasing the security layers in its software. Protected View was launched last year and is enabled by default when a user opens up an untrusted file in Adobe Reader X.