A recent study of 45 U.S.-based organizations found that cyber-crime attempts result in at least one successful attack each week, at a median annual cost of $3.8 million per year, per company, reaching as high as $52 million. Employing software that fully utilizes OS mitigations can decrease risk. Security experts have advised that the best defense is layered in depth to protect on multiple fronts using tools built in to both the application and the OS.

It is recommended that the following standards be present in any PDF solution that is evaluated for usage in your organization:

  • Application sandbox – with a sandbox, the OS creates a confined execution environment for running programs with low rights or privileges.
  • Data Execution Prevention – Data Execution Prevention (DEP) prevents placement of data or dangerous code into memory locations that are defined as protected by the Windows® operating system.
  • Non-executable memory – Hardware DEP raises an exception when code is executed from a non-executable (NX) memory location.
  • Safe structured exception handling – Software-enforced DEP checks the validity of exceptions thrown in a program to prevent malicious code from taking advantage of the exception-handling functionality.
  • Address space layout randomization – This technique hides memory and page file locations of system components, making it difficult for attackers to find and target those components. Both Windows and Mac OS X v10.6 use ASLR.
  • Stack cookies – The Buffer Security Check is a compiler option where a stack cookie is injected to prevent exploitation from stack-based buffer overruns.

Adobe Reader® X and Adobe Acrobat® X are solutions that offer all five critical layers of security to prevent exploitation of a crash on Windows.

Contact your Dell sales rep to learn more.