Show 004 – An Interview with Brad Arkin
Brad Arkin is Director of Product Security and Privacy at Adobe Systems, where he has been tasked with reorganizing and accelerating product security. He comes to Adobe with plenty of real world experience in software security. He began his career at Cigital where he helped Gary form the software security group in 1997. He also served as a Technical Director at @Stake and a Senior Manager at Symantec (after the acquisition). He was also Vice President of Product Management at StepNexus. Brad’s years of experience in software security operations and execution give him a unique perspective.
June 1st, 2009 at 2:44 pm
hi listeners,
Brad recently announced what Adobe has been doing to combat their software security issues. Check out his blog entry here:
http://blogs.adobe.com/asset/2009/05/adobe_reader_and_acrobat_secur.html
gem
June 23rd, 2009 at 12:03 pm
Brad,
Going forward, will all Adobe Reader & Pro security patches above version 9.1 need to be incrementally be implemented?
Example, If a workstation has Adobe 9.1 and the latest revision is 9.15, will the 9.11, 9.12, 9.13, 9.14 patches need to be implemented first, before the 9.15?
Please let me know,
Thank You
Mark
June 25th, 2009 at 9:51 am
Hi Mark,
The plan going forward is that each quarterly update will roll up any zero-day patches that were released that quarter. However, each quarterly update will need to be applied in serial to get to a fully patched system. A new full installer for Reader will usually be available for every single dot release. (For example, a new installer for 9.2, but not for 9.2.1.)
Brad