Microsoft later recanted and issued an update to IE10, then followed with another in October on the same day Adobe shipped its Flash fixes.Īt the time, security experts criticized both Adobe and Microsoft for releasing unexpected updates - Microsoft rarely deviates from its Patch Tuesday timetable - and said those updates confused customers, especially enterprise IT staffers who rely on Microsoft's predictable schedule.Įven though the Flash updates will add more Patch Tuesday work for users, security professionals praised Adobe's change. But problems surfaced in September when Microsoft said it would not patch IE10 for at least six weeks, even though Adobe had issued updates the month before that addressed at least one vulnerability hackers were already exploiting. The two companies' unsynchronized patching became an issue after Microsoft announced it would bake Flash Player into IE10 for Windows 8 and its tablet spin-off, Windows RT. So far this year, Adobe has released nine Flash security updates: One in February, two in March, one each in May and June, two in August, one in October, and one in November. Microsoft issues its security updates on the second Tuesday of each month, but up to now Adobe has released Flash bug fixes at irregular intervals. In July 2010, Adobe began using MAPP to deliver vulnerability information about its products to security firms. Under MAPP, for "Microsoft Active Protections Program," Microsoft provides select security vendors pre-patch information to give them time to craft detection signatures for upcoming exploits or malware. "They started dating when they decided to share the MAPP program once Microsoft agreed to embed Flash in IE10, inevitable that Adobe was going to be strong-armed into following Microsoft's patch cadence."
MICROSOFT UPDATE ADOBE FLASH PLAYER CRACKED
"Microsoft and Adobe are now officially married," cracked Andrew Storms, director of security operations at nCircle Security, in an email reply to questions.
0 kommentar(er)
