Acrobat Reader Protected Mode
Vida Hubbert
What might work is putting bProtectedMode=0 under HKLM\Software\Policies\Adobe\Adobe Reader\11.0\FeatureLockDown, but this completely disables the option. I would like to give users the option to turn it back on, if need be.
I was having the same problem and I corrected it by (1) deploying a customized install of adobe reader via a "computer based" GPO, and then (2) disabling protected mode via a "user based" GPO with the key below.
After further thought, I think the reason why the Customized Install utility didn't drop that key in during install is probably because your GPO is computer based (I'm assuming) and the registry key is user based. When the GPO runs and the app is deployed, it happens before the CTRL-ALT-DEL screen comes up, so the computer based changes are made (i.e. the reader is installed), but the user based changes never have a chance to be implemented. Even though I haven't tested this with Adobe Reader, I've run into this type of issue with a GPO deployement before.
If you really wanted to have the Customized install do "everything" for you, I believe the solution would be to create a Custom package and link the install to a "User based" GPO and link the GPO to a "User OU" in your Active Directory. Then the software would install on a per user bases after the user log's in and the Key would also be created.
Personally I don't like to do this with Adobe Reader since I want all of my machines to have the software, so I create a "Computer based" GPO. But, if you're willing to test and create an all "User based" GPO deployement, I'd be curious to hear if this approach works for you.
I upgraded the Win 7 on PC from Home Prem to Pro and my Adobe Reader hangs and uses CPU anything I do past opening the first screen EVERY TIME. If I hit print, the print screen comes up and it hung there. If I go to Edit/Preferences, that screen comes up, but I am hung there - can't hit "general" to try adjusting settings others have mentioned. I have tried most or all of the Reg settings that helped folks, but none helped me. Got the welcome message turned of - didn't help. Made changes at HKLM and HKCU levels, but I am still having the issue. Also - for only opening one document, I always have two AcroRd32.exe in my task manager, although ending one "sometimes" ends them both. Sometimes I also have AdobeRAM.exe.
However, when I went to verify the version of Reader on my PC, (version 15.023.20070.19033) I noticed that I didn't receive the error message as I had for the past couple of weeks. In addition, when I opened a .PDF document, I no longer received the error message. I was getting the error message yesterday, and I haven't made any changes since then.
I am having the same problem, but I think I tracked it to the Malwarebytes (premium) 3.0.6.1469 anti-exploit feature. If I disable the anti-exploit feature, I can open both standalone pdfs and web-based pdfs (via Internet Explorer). Malwarebytes is saying I should do a clean install, and so will try that...
Well, I tried Malwarebytes' proposed solution- using their cleanup tool to uninstall and then reinstalling. No joy. Adobe Reader DC still does not work with the anti-exploit feature enabled. I emailed Malwarebytes, so I hope it is just a matter of an update on their end.
So the current workarounds are either (a) disabling protected mode for Adobe Reader or (b) going into the Malwarebytes 3.x settings/application protection list and turning off protection for Adobe Acrobat and Adobe Reader. At the moment, I chose to disable Malwarebytes' protection for Adobe Acrobat/Reader and left Adobe in protected mode (I figure Adobe knows its own potential vulnerabilities better than Malwarebytes), but if you recommend the reverse, I will do so. I hope Malwarebytes fixes this fast,
Thanks Eric for this solution. It worked for me too. I will try to remember to re-enable the protection in Malwarebytes Premium every so often to see if an update to that application has fixed this incompatibility.
However, disabling "Protected Mode at Startup" is not recommended. You may install the latest update through this release note: -docs/acrobatetk/tools/ReleaseNotesDC/index.html and if that still doesn't work, then perform troubleshooting steps suggested here: -mode-troubleshooting-reader.html
Hi. I am running Adobe Acrobat Reader DC Version 2020.009.20067 on Windows 10 Enterprise (64 bit) Version 10.0.18363 Build 18363. I am also running Malwarebytes Premium 4.1.0.56.
When I try to open a PDF file Adobe displays " Adobe Reader cannot open in protected mode due to an incompatibility with your system configuration." Then there are 3 options to choose:
1) Open with Protection Mode disabled
2)Always open with Protected mode disabled
3)DO not open with protection mode disabled
This is consistent, and only does not occur when I close Malwarebytes before attempting to open a PDF file. I would appreciate any assistance as obviously my preference is to always have Malwarebytes running.
We need to get information from this machine in order to have the proper detail to help you forward.
NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.
Download Malwarebytes Support Tool
Once the file is downloaded, open your Downloads folder/location of the downloaded file
Double-click mb-support xxx.xx.exe to run the report
You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
Place a checkmark next to Accept License Agreement and click Next
You will be presented with a page stating, "Get Started!"
Thanks for the quick reply. I am running the tool now and will add the logs when completed. To note the first thing I did was go to Adobe Reader and ran the check for updates, it came back with there are no updates available. Logs completed and attached.
Thanks, that makes sense. It is likely due to one of the options for Exploit Protection as many of them apply to PDF readers. If you wish to try to isolate the issue further you may try disabling the individual options for PDF readers under the various tabs of the Advanced settings sub-menu under the Security tab in settings. If you do decide to try, please let us know how it turns out and if any individual setting allows PDFs to open without delay.
The reason why PDF files cannot be opened is because Adobe Acrobate Reader is preventing to open files from an application with administrator rights via its Protected Mode. To solve this issue disable protected mode by doing the following:\r\n\r\n
For more information about Protected Mode (and possible vulnerabilities) refer to the Adobe website." } }] } PDF files do not open in Adobe Acrobat Reader Question / Problem I'm trying to open a PDF file, but Adobe Acrobat Reader does not open it.
The reason why PDF files cannot be opened is because Adobe Acrobate Reader is preventing to open files from an application with administrator rights via its Protected Mode. To solve this issue disable protected mode by doing the following:
Since this error was resolved in v10.1 and current version is 10.1.2, the best solution is to update Adobe Reader on all computers. Alternatively, you can copy the PDF to your local drive before opening it or, if necessary, disable Adobe Reader's protected mode.
Adobe Reader 10.0 is installed in Protected Mode. Protected Mode protects users by limiting what malicious files can do and access. One of the features of the secure mode isthat it cannot open PDF files whose source is distributed file system (DFS) ornetworked file system (NFS). PDF files in shared locations on DFS/NFS cannot be opened. Attempting to open such a file results in an error opening the document.
In November 2010, Adobe released version X of its PDF reader: Adobe Reader. This new version added a security protection to the reader by integrating a "sandbox" feature that limits the actions that a malicious PDF file can perform. This is a major security enhancement for Adobe Reader. More than a year after that new feature appeared, we recap the situation about its effectiveness.
This feature is officially called "Protected Mode" in Adobe Reader, and "Protected View" in Adobe Acrobat (see paragraph 3 for further explanation about Adobe Acrobat). It only exists for Windows versions of the products (the Mac OSX or Linux / Unix versions do not support that feature). It forces Reader execution in a controlled environment in which:
From a technical standpoint, Adobe explains that the "Protected Mode" has been implemented taking the Google Chrome sandbox as model, and uses the sandboxing techniques offered by Microsoft Windows. When launched, Adobe Reader creates a first process: the "Broker". This process configures and starts a second process which is the "sandbox" itself. Any prohibited operation intercepted in the Sandbox (through classical "hooking" mechanisms, see our article of April 2006 which explains the "hooking" principles) is sent from the Sandbox to the Broker (via a shared memory based IPC - Inter Process Communication - mechanism) for inspection. The Broker decides to block or not this suspicious operation according to the defined Policy.
Note: to restrict the privileges of the Sandbox process, Adobe uses several mechanisms available on Windows, one of them is the integrity levels mechanism (a process that is started with a low integrity level can not communicate with processes that run with a higher integrity level). In the case where an attack is able to execute arbitrary code in the sandbox, it would execute this arbitrary code at a low level of integrity which limits the possible harmful actions on the platform. This integrity level mechanism only exists for Windows Vista and later, and is not available on Windows XP. Despite the lack of the integrity level mechanism, the Adobe sandboxing feature is still a significant security improvement for Windows XP users: the primary objective of this sandboxing is to block write attempts and integrity level is just an additional protection mechanism.