FileOpen Systems has just released the 0900 plug-in to Adobe Reader and Acrobat for Windows, which introduces important new functionality including real-time watermarking, tightened control over screen capture, and full compatibility with Adobe Reader X.
Adobe Reader X on Windows includes a new security feature, "protected mode," which is designed to limit the ability of malicious code to infect systems via PDF files. The new FileOpen plug-in operates fully in protected mode, which is the default configuration of Adobe Reader X.
Importantly, Adobe released a security advisory on March 14, 2011 (http://www.adobe.com/support/security/advisories/apsa11-01.html) describing an exploitable vulnerability in the Flash player. The same vulnerability can also affect Adobe Acrobat and Adobe Reader 9, which bundle the Flash player, and Adobe Reader X if operating outside of protected mode.
According to Adobe, "this vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system." They go on to say that while Adobe Acrobat and Reader have not been directly targeted, "Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing."
As a precaution, we strongly recommend that all publishers of FileOpen-protected PDFs distribute this new client to their end-users. Recipients of secured PDFs may also install the new plug-in directly from http://plugin.fileopen.com, then confirm that the box is checked at Edit>Preferences>General>Enable protected mode at startup.
Documents distributed with older versions of the FileOpen plug-in are forward-compatible with the new plug-in, so end-users do not need to obtain new documents or permissions from the publisher.