Posts tagged SANS

SANS instructor: “Avoid Adobe… security appears out of control”

Stephen Northcutt, an instructor for SANS and President of SANS Technology Institute, cautions users against using Adobe products due to an increasing number of Adobe security vulnerabilities that have been reported this year.  In the SANS NewsBites Vol 11 #61 (8/4/2009), Stephen says:

“I think organizations should avoid Adobe if possible.  Adobe security appears to be out of control, and using their products seems to put your organization at risk. Try to minimize your attack surface. Limit the use of Adobe products whenever you can.”  (link may not be live yet)

There have been four patches (year to date) in 2009 for Adobe Reader\Acrobat, compared to 3 security patches for Adobe Reader\Acrobat in all of 2008.

Other common desktop applications and their security patch counts since Jan 1, 2009:

8 9 patches for Mozilla Firefox
4 patches for Microsoft Internet Explorer
4 patches for Apple Safari
4 patches for Adobe Reader\Acrobat
3 patches for Adobe Flash
2 patches for Adobe Shockwave
2 patches for Apple Quicktime
2 patches for Apple iTunes


Comments (4) »