Adobe / Microsoft to team up on Vulnerability Sharing - gHacks Tech News

Adobe / Microsoft to team up on Vulnerability Sharing

Microsoft has announced that it's to extend it's Microsoft Active Protections Program (MAPP) to include vulnerability sharing information from Adobe.

The programme, launched in October 2008 allows sharing of information about security vulnerabilities with security software vendors.  So far 65 companies have signed up to the scheme.

In a statement, Microsoft said...

“Adobe products are relied on by individuals and organizations worldwide. Given the relative ubiquity and cross-platform reach of many of our products, as well as the continued shifts in the threat landscape, Adobe has attracted increasing attention from attackers,” said Brad Arkin, senior director of product security and privacy at Adobe. “We are committed to our customers’ security at every level and are excited to leverage MAPP as an important part of our overall product security initiative. MAPP is a great example of a tried and proven model giving an upper hand to a network of global defenders who all rally behind a shared purpose — protecting our mutual customers.”

“Microsoft acknowledges that the constantly changing threat landscape requires a new approach to security — collaboration and shared responsibility are key as past individual efforts are no longer enough,” said Mike Reavey, director of the Microsoft Security Response Center at Microsoft. “We’re excited about extending the benefits of MAPP to Adobe users as we’ve seen clear evidence of its impact in advancing customer protections. We continue to encourage the collective industry — from security researchers and vendors to customers— to recognize the responsibility we all share in fortifying the broader computing ecosystem against online crime.”

The PC ecosystem is so complex these days that closer co-operation between software and security vendors is essential to help maintain stability and consumer confidence.  While many people will directly blame Microsoft for having insecure software, most trained observers will point out that it's just not that simple, as the recent security scares for Adobe's Flash and Acrobat software proved.

Microsoft took the opportunity to call on the "broader community" from security researchers to vendors, to all move more towards a co-ordinated disclosure.

With luck, this move will also finally allow third-party vendors to release their patches through Windows Update with the forthcoming Windows 8 in 2012.

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

    Leave a Reply

    Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

    Please note that your comment may not appear immediately after you post it.