Adobe borrows 'patch Tuesday' approach from Microsoft
Thursday, May 21, 2009
Adobe said yesterday that it will begin sending out security fixes on the second Tuesday of every third month beginning sometime this summer, in response to criticism that the company has been too slow to respond to flaws in its PDF Reader and Acrobat software.
Similar to the approach taken by Microsoft, which sends out security updates on the second Tuesday of each month, popularly called patch Tuesday, Adobe's director for product security said the company picked the day to make it easier for IT staff to handle the updates.
"The feedback from customers is that getting any patches for Reader and Acrobat out at the same time as Microsoft allows them to leverage existing processes and resources to get desktops updated as quickly as possible," Adobe's Brad Arkin said, according to the Washington Post Security Fix blog.
Adobe also said it will issue patches more regularly when security flaws become known. The company was roundly criticized for taking weeks to fix a bug in Reader and Acrobat that allowed attackers to execute arbitrary code via a PDF file.
Security experts said nearly half of all targeted attacks this year were designed to exploit flaws in Acrobat and Reader, according to the Security Fix blog.
Related News:
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
Report: 'At least 34' firms attacked at the same time as Google - 1.15.2010
The Washington Post asserts that many U.S. companies were targeted in the same network security and email breach that affected Google and provoked the company's highly publicized spat with the Chinese government.
|
