In this video, courtesy of Kaspersky’s Lab Matters, Ryan Naraine talks with David Lenoe, Head of the Product Security Incident Response Team, Adobe, about that company’s process for responding to security vulnerabilities in its products. Among other things, Lenoe talks about Adobe’s guidelines for issuing an emergency “out of band” patch and some data on the impact of new security features, like Adobe Protected Mode.
Research from the University of Maryland proposes new security metrics that can help enterprises understand risks to their products and prioritize patching and vulnerability management.
In a move that has surprised many in the security community, Microsoft has disbanded its
The deadline for a syntax change for CVE identifiers is coming on Jan. 13 when the four-digit format will support five or more. Vendors must update vulnerability management products to support the new syntax.