This article is more than 1 year old

Microsoft switches Edge’s PDF reader to pay-to-play Adobe Acrobat

And yes, sure, totally secure

Microsoft's Edge browser will be getting a significant facelift in the coming months, thanks to Adobe.

The same week the giant software maker said it is bringing the hype-tastic ChatGPT AI tool to Edge (and Bing), it also announced it is replacing the fairly basic PDF reader currently built into the browser with a new one powered by Adobe's Acrobat PDF engine.

The decision is part of a larger plan between the two companies to bring Adobe technologies like e-signature and documentation automation to Microsoft users. Already Adobe PDF and e-sign technologies have been integrated into Microsoft 365, Teams, and SharePoint.

Now this is coming to Edge, with Adobe's PDF engine replacing the built-in engine that Edge, a Chromium-based browser, uses today.

"Bringing Adobe and Microsoft closer together is good for productivity and good for customers," Jared Spataro, corporate vice president of modern work and business applications at Microsoft, said in a statement. "Adobe's PDF technology in Microsoft Edge means users will have fast and secure access to critical digital document capabilities."

The idea is to bring the richer set of features in Adobe's Acrobat PDF engine to Edge, including higher fidelity for better colors and graphics, better performance, strong security, and more accessibility capabilities, such as better text selection and read-aloud narration. Those functions will be free to Windows 10 and 11 users.

However, if folks want more advanced features, it's going to cost money. Users will need to buy an Acrobat subscription if they want to be able to edit text and images, convert PDFs to other file formats, or combine files. Those who already have such subscriptions can use the Acrobat extension in Edge without spending more.

Microsoft made a particular point of outlining its efforts to ensure the new Adobe PDF tool is secure. Miscreants will use malware-infused PDFs to muscle their way into enterprise networks, so Microsoft's Edge Vulnerability Research team was involved in the process of bringing the Adobe engine to Edge.

That includes adding security features to the PDF stack such as PartitionAlloc a secure heap implementation developed on Chromium and already used in Edge, according to Gareth Evans, principal security research lead at Microsoft.

"PartitionAlloc is designed in such a way as to keep objects of different types separate from each other with minimal intervention from the developer," Evans wrote.

The package also includes mitigations such as Intel's Control Flow Enforcement Technology to protect against the hijacking of control-flow transfer instructions, a technology that complements Microsoft's Control Flow Guard. Fuzzing – automatic testing for vulnerabilities – is another security feature included with the new Edge PDF stack.

In addition, Edge's Acrobat engine will be included in the software vendor's bug bounty program to incentivize developers to find and report flaws. And there have been quite a few flaws in Adobe's PDF code.

The new Edge PDF offering will have all the capabilities that the current one does. Once the system is in place, users will see an Adobe brand mark in the bottom corner of the PDF view

"These users will also see an option to try the advanced features, such as converting PDFs, combining files, editing text and images," which will require the Acrobat subscription, Microsoft wrote.

Redmond is also rolling out the new Adobe-driven Edge PDF tool in phases. Consumers and others using unmanaged Windows 10 or 11 systems will see the change once it launches next month, with all such users having it in place by September.

Companies with managed devices can choose when to opt-in until September, giving them time to test their apps with the change in PDF engine. After that, they can opt out until March 2024, when the legacy Edge PDF engine is removed. ®

More about

TIP US OFF

Send us news


Other stories you might like