Flash Player in the Sandbox

Adobe has released a public beta version of its Flash Player software for Firefox that forces the program to run in a heightened security mode or “sandbox” designed to block attacks that target vulnerabilities in the software.

Flash Sandboxing

Sandboxing is an established security mechanism that runs the targeted application in a confined environment that blocks specific actions by that app, such as installing or deleting files, or modifying system information. The same technology has been built into the latest versions of Adobe Reader X, and it has been enabled for some time in Google Chrome, which contains its own integrated version of Flash. But this is the first time sandboxing has been offered in a public version of Flash for Firefox.

Flash is a big target of attackers partly because it is a powerful program with a huge install base; vulnerability management firm Secunia estimates that some version of Flash is installed in 96 percent of the world’s Microsoft PCs. Windows users can further harden their systems against such attacks by swapping out their current version of Flash for this beta.

The sandboxed Flash for Firefox — Flash Player 11.2 beta 5 — works with Firefox 4 or later running on Window Vista or Windows 7. The latest build is available here:

http://labs.adobe.com/technologies/flashplatformruntimes/incubator/

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: