toggle

AAPL Stock: 128.82 ( -0.54 )

Printed from http://www.macnn.com

Adobe moves to regular patching cycle for PDF tools

updated 11:15 am EDT, Thu May 21, 2009

Adobe adopts patch cycle

Adobe will be adopting a quarterly patch cycle, at least with regard to Reader and Acrobat, explains the company's security and privacy director, Brad Arkin. Patches for the PDF tools should now be released every three months, and on the second Tuesday of said month. The timing is meant to coincide with Microsoft's famous "Patch Tuesdays," Arkin notes, thereby giving IT workers an opportunity to test updates from both companies before propagating them across a network.

While PDF documents are mostly local, static files, they also incorporate JavaScript, which can be used by malicious hackers to generate problems like memory corruption, and in turn assume control of a computer. Arkin admits that Adobe has failed to examine legacy code for these vulnerabilities in the past; testing is now said to be ongoing though, using methods such as threat modeling and fuzzing, the latter of which assaults a program with code until it triggers an unwanted response.

The director also confesses that the company was too slow to fix the recent JBIG2 vulnerability, which was exposed two weeks before a patch became available. Adobe will try to increase the speed of such emergency updates in the future, Arkin says.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Advertisement

Recent Reviews

Brother HL-L8250CDN Color Laser Printer

When it comes to selecting a printer, it's not exactly something most people put a lot of thought into. Printers are often touted as ...

Moshi iVisor AG and XT for iPad Air 2

Have you ever tried to put in a screen protector that relies on static to cling to the screen? How many bubbles and wrinkles does it h ...

OmniPlan (OS X, iOS)

We reviewed the Omni Group's most famous Mac software, a To Do app called OmniFocus, back in June 2014, and we were impressed. Some o ...

toggle

Most Commented