Microsoft and Adobe - Join Hands in 'Vulnerability Sharing'
Image from Adobe
If it weren't for Adobe Acrobat and its myriad computer programs, all us web and technology enthusiasts could have had a tough task in viewing, creating, manipulating and managing files that is usually done using Adobe's PDF (Portable Document Format). It is a known fact that Acrobat Reader programs are available online for download at zero cost facilitating users to view files, whilst other Adobe software needed to create and manage files come at a cost.
However, recent news has it that there has been a steep rise in Adobe Vulnerabilities and also that rogue PDFs account for 80% of all exploits. Adobe Reader and Acrobat itself claimed through its recently released security advisory that critical security vulnerabilities have originated in their programs increasing Adobe's headaches. It is also revealed at the Black Hat Conference that the newly discovered Adobe Reader/ Acrobat Font Parsing Integer Overflow Vulnerability is rated as the second most Critical Vulnerability that existed. Hackers who are able to exploit this vulnerability can effectively enjoy remote code execution of their targeted system.
A short-term and a more temporary solution for this would be updates discharged online by Adobe to its numerous users. A more permanent and updated solution comes from Adobe through unifying with the technology stalwart -- Microsoft with the mission of spreading awareness and solution campaigns amongst avid Adobe users about security vulnerabilities. Adobe and Microsoft plan to diminish the rising vulnerability issue by extending the Microsoft Active Protections Program (MAPP) with the inclusion of vulnerability sharing information from Adobe. This program enables companies and users to know more about current and expected vulnerabilities and also resolve their existing vulnerabilities by ascertaining information about security vulnerabilities with security software vendors.
The fact that organizations worldwide depend enormously on Adobe products and services for work related purposes has caught the attention of many hackers hence posing a potential threat to users. In verity Adobe has realized this threat and has received help from Microsoft that has offered a new approach to providing advance security to users. Running a virus scan or updating your system only after an attack has taken place, could really frustrate the user and test their patience. Rather than this, if users are made aware of potential threats that could take place to their Adobe products they would automatically be groomed to eradicate vulnerabilities prior to the happening of the attacks. This is exactly what Microsoft's MAAP would do.
The effectiveness of this move could not be well up to the mark, since it mostly promises information-sharing with no set software that keeps users permanently away from vulnerabilities. Microsoft's acknowledgement though, of vulnerabilities and cyber attacks along with its intention to maintain a Green (virus-free) PC ecosystem must be appreciated.