Adobe Reader version 10 released !

So has somebody noticed any improvements in the 10 version? Other than the new protected mode, which is more security related anyway. I am specifically asking about improvement in speed, system resource consumption etc. Is it lighter, faster than the previous version? Adobe Acrobat has become progressively bloated since version 6 onwards and most of the time the only improvement in the new version seems to be that it is more bloated than the previous version.

 

Since its last release, Foxit Reader supports DEP and ASLR. And in an upcoming release, they will support running with a low integrity level. I've been in touch with their security team about this feature. This is an essential step towards a sandboxed application.

But AFAIK, they have no plans for a real sandbox: e.g. implementing a sandboxing technology that not only contains exploits inside the sandbox, but provides the application access outside the sandbox when necessary, for example to save a file.

 

Answering my own question. I installed the full version of Adobe Acrobat pro 10 and on my system it performs slightly faster or equal to the Adobe Acrobat pro 8, the version I had previously. So, Adobe did make improvements to this new version 10 to make it lighter and faster. I had skipped the previous Acrobat version 9 as it was heavier on the system than Acrobat version 8, without adding any significant new features.

 

Adobe Reader X sandbox leaves 'residual risk'

 

It's not a problem with Adobe Reader X's sandbox. It's just how integrity levels work. An object with a low integrity level (the sandbox) has no write or execution permissions to higher levels, but it's still possible to read data in higher levels.

The same happens with IE Protected Mode and Chromium based browsers sandbox. And, that happens, because the way integrity levels work.

 

Round One goes to Adobe Reader X

 

One would only expect that.

I just hope Adobe Reader X's sandbox (I'm only talking about low integrity level) isn't as poorly implemented as Chromium's. (Yes, under a few conditions, Chromium (and every based browser) will be running with the same rights as the account the user is logged in as, be it administrator or standard user. Considering Google's engineers could not reproduce - despite the fact Sully, Kee1958, me and one other user could - so, I don't expect it to be solved.)

Anyway, let's hope Adobe Reader X sandbox does the job as it is suppose to do. ... Finally...