Protected mode is a technology that's previously been seen in Internet Explorer, Google Chrome and Microsoft Office 2010, which effectively sandboxes the application, and restricts it from performing an action outside of the sandbox without verifying whether or not the action is legitimate, which helps stop illegitimate applications before they can access the system.
Adobe says that they have been working closely with Davic LeBlanc, Dan Jump and "other members of the Office 2010 team", as well as the Google Chrome team and various other third party consultancies utilising their knowledge and experience to learn the best way to integrate the technology.
Adobe Reader's new protected mode is based on Microsoft's Practical Windows Sandboxing technique, and will be enabled by default. Adobe Reader will perform all actions it needs to display the PDF file on the PC in a "very restricted manner" inside the sandbox. If Adobe reader needs to access an external application, such as copying and pasting information out, or opening an attachment in an external application, such as Microsoft Word, the requests are "funneled through a 'broker process'" which checks for allowed and disallowed access, to prevent dangerous behavior, such as that found in malware and viruses.
The technology means that if a new security vulnerability is found in Reader, which happens from time to time, Protected Mode will help stop the attacker "from writing files, changing registry keys or installing malware on targeted computers".
According to Adobe, the first release of "protected mode" will be only the first step in implementing the technology, and will sandbox all "write" calls on Windows 7, Vista, XP, Server 2008 and 2003. In future releases of Adobe Reader, the company plans to extend the implementation of the sandbox further to include read-only activities to "stop attackers seeking to read sensitive information on the user's computer", such as personal files and information.