Office 2010 Protected View and Adobe Reader Protected Mode – Sandbox


Beginning in Office 2010 you might have observed that, when you open a document / spreadsheet / presentation, it first opens the same for reading in a Protected View, only on your consent it further takes you to edit the same. This implementation was made using a Windows Sandboxing Technique.

Office 2010 Protected View

Now, Adobe is working towards implementing a similar Sandbox technology ‘Protected Mode’  for its reader products. Protected Mode is based on Microsoft’s Practical Windows Sandboxing technique. Adobe has been working closely with Microsoft Office security team and the Chrome team at Google, as well as third-party consultancies and other external stakeholders to leverage their sandboxing knowledge and experience.

An excerpt from the official blog post says –

“With Adobe Reader Protected Mode enabled (it will be by default), all operations required by Adobe Reader to display the PDF file to the user are run in a very restricted manner inside a confined environment, the “sandbox.” Should Adobe Reader need to perform an action that is not permitted in the sandboxed environment, such as writing to the user’s temporary folder or launching an attachment inside a PDF file using an external application (e.g. Microsoft Word), those requests are funneled through a “broker process,” which has a strict set of policies for what is allowed and disallowed to prevent access to dangerous functionality. “

Personally, I have been a biggest fan of User Account Control (UAC) ever since it was implemented in Windows Operating System. Focusing on Standard User Environment always gives various benefits w.r.t Security and stability. The modern OSes have demanded this change in the way, applications are built and developed. Office and Adobe compete on many fronts in the industry., but they’ve put all that aside when it comes to helping protect customers from security issues.

Its really good to see 2 big players share their solutions and approach; This definitely gives the all needed – “End User Experience”.

Courtesy: You can read the official Announcement from Adobe Team here