Adobe is to start a regular patching cycle alongside Microsoft's, after a PDF flaw earlier this year highlighted problems in the firm's security response process.
A vulnerability in PDFs was discovered in February, and only partially patched in March. The full fix wasn't offered until this month, despite the flaw being actively exploited by attackers.
Brad Arkin, director of product security and privacy, wrote in Adobe's security blog that the incident led the firm to examine its security and patching process.
"Everything from our security team's communications during an incident to our security update process to the code itself has been carefully reviewed," he wrote.
One major change is Adobe will now offer a quarterly patching cycle. Previously, it fixed flaws whenever they showed up, but from this summer will start to offer regular updates timed to coincide with Microsoft's monthly patching exercise, dubbed Patch Tuesday.
"Based on feedback from our customers, who have processes and resources geared toward Microsoft's Patch Tuesday security updates, we will make Adobe's quarterly patches available on the same days," Arkin wrote, noting previous patches released on the same day as Microsoft's were just a coincidence.
Adobe said it would also look to "harden" existing base code, to make sure legacy sections are as secure as more recent code, which is subject to more stringent testing than code written years ago.
The firm is also looking to improve how it manages major security problems. "We've targeted several specific areas where we are improving our incident response process," Arkin wrote.
"We expect folks outside Adobe will see more timely communications regarding incidents, quicker turn-around times on patch releases, and simultaneous patches for more affected versions as we move forward."
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
Ask more from your CMSWhitepaper How to get the most value in the shortest timespan
-
Adobe battles fake photos with editing tagsNews Photoshop will include new tagging tools later this year to help fight against misinformation and deep fakes
-
Avast Business Patch Management review: Don’t give up the day job just yetReviews Good Windows patch management services but a work in progress
-
Adobe Photoshop Elements 2019 review: Trapped in the photo-editing middle groundReviews A once peerless beginner’s photo-editing package that’s past its prime
-
How Adobe saved BT £630,000Sponsored Adobe’s digital signature platform is saving time and money - and forging stronger connections between businesses and customers
-
Don't settle when it comes to creativitySponsored Getting the best out of your creative design team means equipping them with the best software
-
The benefits of a subscription serviceSponsored Why software vendors are increasingly moving to a subscription model
-
Brexit: Adobe Creative Cloud hikes prices up 11%News Currency changes continue to bite British software buyers
