Last week was a big one for security updates, with the out of band Internet Explorer updates, the Java updates, the Quicktime updates, the DivX updates, and a few others that don’t immediately come to mind.
This week hasn’t seen much, which is probably a good thing, because next week promises to be a busy one for those who will be overseeing updates of Windows computers. Once again, the ZDNet Security column tells us that Adobe will be doing its best, once again, to stay ahead of the ne’er-do-wells who would try to compromise your Windows computer.
Adobe today announced plans to ship a critical security patch next Tuesday (April 13, 2010) to fix multiple high-risk security holes in its Reader and Acrobat product lines.
The patches will be released alongside a new automatic updater software that the company hopes will speed up the downloading and deployment of its security fixes. The security fixes in this Reader/Acrobat patch batch will apply to Windows, Macintosh and UNIX users.
The new updater, which was first shipped in a passive state last October, will be turned on for all readers from next week to keep end-users up-to-date in a much more streamlined and automated way, according to Adobe’s Steve Gottwals.
He said the new updater will be activated for all users needing Adobe Reader and Acrobat 9.3.2 and 8.2.2 for Windows and Macintosh.
By default, Adobe will use the current update setting found in the Adobe Reader and Acrobat Preferences, under the “Updater” panel. For Windows users, this is what it looks like:
Gottwals explains the thinking behind the default settings:
The new updater has been optimized for each platform, and as you will notice, on Windows offers an option called “Automatically install updates.” With this option, to avoid disturbing the user, the new updater favors a time when the system is not busy to install new updates without user intervention.
Studies have shown that silent updaters [without any user action] are the most effective way to ensure the widest possible distribution of security patches and Adobe is clearly hoping that this will speed up the distribution of its patches.
It will be really nice to know that the Acrobat Reader is once again secure, if only for a few hours! Actually, if the autoupdate feature works, and Adobe stays on top of it, your machine should be vulnerable only a short time each time an attack comes along, instead of up to two months, as has recently been the case.
≡≡ Ḟᴵᴺᴵ ≡≡