Forgot your password?

Close
typodupeerror
Security IT

Adobe May Change To Monthly Patch Cycle 76

Posted by timothy
from the are-you-on-the-patch? dept.
Trailrunner7 writes "Adobe, which has been under fire for the security of its flagship products, Flash and Reader, for some time now, may be on the verge of changing its patching process to push fixes out on a monthly schedule, which would coincide with Microsoft's monthly Patch Tuesday releases. The change would be the second major adjustment to Adobe's patching process in the last year or so. In 2009 the company moved to a scheduled quarterly patch release process in an effort to give its customers a better chance to plan for testing and deployment. That change was generally well-received. Now Adobe may change the schedule again in order to get patches out more quickly. The company is considering releasing its security fixes for Reader on a monthly schedule, the same day that Microsoft releases its patches."
This discussion has been archived. No new comments can be posted.

Adobe May Change To Monthly Patch Cycle More

Adobe May Change To Monthly Patch Cycle

Comments Filter:

  • Re:STUPID ACROREAD ICON (Score:3, Interesting)

    by denis-The-menace (471988) on Thursday May 27 2010, @04:46PM (#32368036)

    look at what others do to avoid that pitfall.
    http://www.appdeploy.com/packages/detail.asp?id=1328 [appdeploy.com]

  • Re:Will we still have to REBOOT? (Score:1, Interesting)

    by Anonymous Coward on Thursday May 27 2010, @05:18PM (#32368488)
    You almost never do have to. But the people writing the patch just use a standard MSI constructor that has the "requires reboot" flag bit turned on by default. Because the people in charge of the patch are not experts in the MSI system the don't fiddle with it.

    I am quite sure that there are lots of options that are just left on because it is less effort to not touch them than to figure out if it is really needed.

    On the other hand there it might be an effort to avoid issues with those less computer savy. Many computer illiterate users actually have some part of reader in resident memory, and that it is easier to tell them to restart the computer than to tell them to close the PDF file they have open in IE 5.

  • Re:Enough with third party update (Score:3, Interesting)

    by gad_zuki! (70830) on Thursday May 27 2010, @06:02PM (#32369082)

    Well, Adobe could release plugins for the new version of WSUS and admins can simply approve them like they do MS patches in WSUS. Or at least change their updaters so they make some sense. I just installed Acrobat 8.0. The updated proceeded to install:

    8.0.1
    8.0.2
    8.0.3
    8.1.0
    8.1.1
    etc
    Almost each asking for a reboot.

    Instead it should have downloaded the update straight to 8.2 or whatever the current version is and then done the incremental to 8.2.3.

    Lastly, they need to disable javascript by default in reader. Users can just press the "run scripting" button if they trust the publisher. Adobe is pretty much where MS was in 1998 or so. It really needs to grow up and smarten up regarding security.

  • Re:Enough with third party update (Score:3, Interesting)

    by h4rr4r (612664) on Thursday May 27 2010, @06:13PM (#32369188)

    Go download virtualbox, put your images into that and test the apps. If you do not have system images, go get fog and make some. This will all make your life much easier.

Computer programmers do it byte by byte.