Thursday, February 4, 2010
Last year seemed to have been the year of Adobe software exploits as depicted in the "10 Most Vulnerable Software Apps of 2009". Their most popular products Acrobat Reader, Flash Player and Shockwave have been the central point for the latest viruses and spyware. On an enterprise level, it's wreaking havoc for many system administrators and security experts.
Adobe has made attempts to write up white papers for Acrobat and Flash that describe how to deploy and maintain their key products, but with half hearted effort at best. There's also a storm of custom script files, packages, group policy templates that are floating around by other administrators. We have our own piecemeal scripts and GPOs currently in place at my job to do the best that we can at maintaining the latest "safe" versions.
Microsoft's products have not been the most secure over the years, but they have long given administrators proper tools deploy, maintain, and update their products and stay ahead. Windows Server Update Services, for example, allows administrators to get a view of machines on their network and maintain the vast amount of Microsoft's software. When updates are released, WSUS will allow you to get a report showing how many machines needed, push out the update and even set a deadline to force installation.
Adobe has taken such a market share of web content, but when will they take security seriously and offer an enterprise level solution? For now, No Flash, Please!!!