Hi. I'm Brad Arkin. I'm the senior director for Product Security and Privacy here at Adobe. In this role I manage a couple of teams. The first team that I manage is the Adobe Secure Software Engineering Team, and this group looks after all the proactive work that we do with the product teams to make sure that we're building our software to be as robust as possible against attack. Now, no software is going to be 100 percent perfect and free of flaws, and so I also manage a team called the Product Security Incident Response Team, or PSIRT. This is the group that works with the outside world in order to understand if there's any vulnerabilities identified in our software and to work with the researchers and our customers to make sure that we take that information and use it in order to get the software updated to make it as robust as possible and respond quickly to any incidents that occur. We're very excited about the latest release for Adobe Reader and Acrobat Version 10. We saw that in early 2009 bad guys started to look at PDF as an attractive attack vector because of the fact that it works as an email attachment as well as a Web browser attack scenario. There's two different ways to go after the users, so bad guys started to leverage this by shipping corrupted PDF files which would then install malware on the machine once they were opened by the user. We did a lot of work in order to harden Adobe Reader and Acrobat Version 8 and Version 9, but there's a lot of changes that were just too big to make as part of a dot release, and so we had to roll those into Version 10, which shipped in November of 2010. One of the biggest features that we're most excited about is Adobe Reader Protected Mode. Protected Mode is an example of sandbox technology, so it runs as a low rights process on a Windows machine. We ship it on by default so that all the users who deploy it can take advantage of it.
And the result of this extra layer of protection is that even if an attacker is able to find a vulnerability inside of the Reader code base, the exploit against that would then leave the attacker running code inside of the low rights process on a Windows machine. And what this means is that they can't install software, they can't tamper with files, the bad guys can't change the registry or do any of the other interesting activities which they were using in attacks against older versions of Reader and Acrobat. We shipped this in November of 2010, and since then we've been very pleased with the results. Bad guys have in effect moved on to other targets because of these defenses that we've seen in Reader 10. Starting with 10.1, we're also giving our users the opportunity to use Acrobat Protected View. In the browser plug-in this offers the same experience that users have with Adobe Reader Protected Mode. The browser plug-in runs in the sandbox. Any malware that were to attack that plug-in would not be able to install software on the machine, even if they're successful in running code inside the sandbox. That's how the sandbox design works. And for any files that users double click off of an email attachment, they load off of a file share, when Protected View is enabled, the result will be that it's also running in a sandbox, and only if they choose to make a trust decision through the user interface would they then be able to use the full functionality of Acrobat. And this is a feature that users can enable starting in 10.1 and later which will be an extra level of defense, which might be appropriate for high assurance environments.
The end result of all this is that Reader and Acrobat Version 10 is much more robust against the types of attacks that we've seen over the past couple years, and our goal is to make it as hard as possible to attack so that users will have that confidence of operating with the software in a safe and secure manner and then also to reduce the cost involved with responding to security incidents and then rolling out frequent patches if there are attacks. The other piece of the equation for us is not only making the software as hard as possible to attack but also to make sure that when there's new updates available they are as cheap as possible to roll out. We've done a lot of work to reduce the exceptions and any of the errors that might lead to admins having to go out and manually apply these updates. And one of the biggest things that we've changed with Version 10 is that we're now shipping SCUP catalogs for environments that leverage Microsoft SCCM. The end result of this is that it's much easier for these environments to roll out updates very quickly after they're released in the same manner that they're already updating their Microsoft stack, the same way that they'd update Microsoft Office or Microsoft Windows. All of this work--the hardening of the code, making the application more robust against the attacks that we're seeing today, as well as the changes that we've made to make the software cheaper and easier to deploy-- makes it overall a lot less expensive to operate Reader and Acrobat in these large environments. And so it's something that we're very excited to get out to our users. And for all of the environments who have already made the update, we've seen that their cost of operations have really been reduced dramatically at the same time as increasing their assurance level of operating in a safe and secure manner for their end users. 
Another thing that we're very excited about is the new updater that we integrated into Version 8/9, and then it also remains, the same updater for Version 10, for Reader and Acrobat. We introduced this in April of 2010, and we've seen that the update metrics for our user base has really improved as a result. The new updater, there's lots of changes that we've made in order to make it more effective in the consumer environment. But the biggest difference that our users notice is that we now offer a fully silent automatic mode. What this means is that anyone who selects this option will now get the updates downloaded automatically and installed without requiring any user interaction. And so without any effort on the users' part, they can stay up to date and always take in the benefit of having the latest version of the software installed on their machine. Now, one of the things that we're planning to do in the summer of 2011 is we're going to offer our entire user base the opportunity to move into the fully automatic mode. Up till now, most users, if they haven't done anything special, are still in that semi-automatic mode, which will download the update, inform the user it's available, and ask them if they want to install it. And so what we're hoping is that by promoting most of the user base into the fully automatic mode, we'll be able to help the overall user base around the world stay up to date with lower cost, lower effort on their part, which is going to help protect all of us because it makes it a less attractive attack target. The bad guys are going to focus on other products to attack. And so this is another thing that we're doing in order to help protect our users, primarily in a consumer environment, but the benefits are something that expands across all of our user base.






