Adobe is to start a regular patching cycle alongside Microsoft's, after a PDF flaw earlier this year highlighted problems in the firm's security response process.
A vulnerability in PDFs was discovered in February, and only partially patched in March. The full fix wasn't offered until this month, despite the flaw being actively exploited by attackers.
Brad Arkin, director of product security and privacy, wrote in Adobe's security blog that the incident led the firm to examine its security and patching process.
"Everything from our security team's communications during an incident to our security update process to the code itself has been carefully reviewed," he wrote.
One major change is Adobe will now offer a quarterly patching cycle. Previously, it fixed flaws whenever they showed up, but from this summer will start to offer regular updates timed to coincide with Microsoft's monthly patching exercise, dubbed Patch Tuesday.
"Based on feedback from our customers, who have processes and resources geared toward Microsoft's Patch Tuesday security updates, we will make Adobe's quarterly patches available on the same days," Arkin wrote, noting previous patches released on the same day as Microsoft's were just a coincidence.
Adobe said it would also look to "harden" existing base code, to make sure legacy sections are as secure as more recent code, which is subject to more stringent testing than code written years ago.
The firm is also looking to improve how it manages major security problems. "We've targeted several specific areas where we are improving our incident response process," Arkin wrote.
"We expect folks outside Adobe will see more timely communications regarding incidents, quicker turn-around times on patch releases, and simultaneous patches for more affected versions as we move forward."
-
Hounslow Council partners with Amazon Web Services (AWS) to build resilience and transition away from legacy techSpomsored One of the most diverse and fastest-growing boroughs in London has completed a massive cloud migration project. Supported by AWS, it was able to work through any challenges
-
Salesforce targets better data, simpler licensing to spur Agentforce adoptionNews The combination of Agentforce 360, Data 360, and Informatica is more context for enterprise AI than ever before
-
Ask more from your CMSWhitepaper How to get the most value in the shortest timespan
-
Adobe battles fake photos with editing tagsNews Photoshop will include new tagging tools later this year to help fight against misinformation and deep fakes
-
Avast Business Patch Management review: Don’t give up the day job just yetReviews Good Windows patch management services but a work in progress
-
Adobe Photoshop Elements 2019 review: Trapped in the photo-editing middle groundReviews A once peerless beginner’s photo-editing package that’s past its prime
-
How Adobe saved BT £630,000Sponsored Adobe’s digital signature platform is saving time and money - and forging stronger connections between businesses and customers
-
Don't settle when it comes to creativitySponsored Getting the best out of your creative design team means equipping them with the best software
-
The benefits of a subscription serviceSponsored Why software vendors are increasingly moving to a subscription model
-
Brexit: Adobe Creative Cloud hikes prices up 11%News Currency changes continue to bite British software buyers
