How Adobe is Improving Security
In recent years, Adobe applications including Adobe Reader and Flash Player have been aggressively attacked by those looking to exploit PC users. In response, Adobe has issued a long list of patches as zero-day exploits emerge. Adobe hasn't just been reactive to the threats, however, they've also taken steps to secure their code to make their applications safer and less of a target for attackers.
"The cliché is that bad guys rob banks because that's where the money is," Brad Arkin, senior director of Product Security and Privacy at Adobe told InternetNews.com. "Well, bad guys go after our software because that's where the users are; that's part of the success of having our software everywhere is that it paints a bullseye on us."
While Adobe has had more than its' fair share of zero-day flaws that they have needed to patch in recent years, Arkin notes that Adobe takes a measured approach to releasing patches. "Anytime a bug comes in we triage it to evaluate the impact and the characteristics of what has been impacted, and then we determine what the right response is," Arkin said. "We found that our customers need protection against attacks that are in the wild."