Adobe Reader XI and Acrobat XI, which shipped this week, include a new whitelisting framework, cryptographic capabilities, and a feature that forces all of the DLL files loaded to use ASLR (Address Space Layout Randomization), even if the files were not originally compiled with ASLR enabled.
The biggest change in Reader and Acrobat XI, however, is in the sandbox. The original sandbox in Reader X focused on "write protection" to prevent attackers from installing malware onto the machine or recording user keystrokes. Reader XI now restricts "read-only activities" to prevent attackers from reading sensitive information.
Adobe said that since they added sandbox protection to Adobe Reader and Acrobat, they have not seen any exploits in the wild that break out of the Adobe Reader and Acrobat X sandboxes.