Archive for July, 2013

Adobe’s Software Vulnerability Report Form Gets a Facelift

This week Adobe launched a new software vulnerability report form. This web form is the primary mechanism for our colleagues in the information security community to disclose security vulnerabilities that may impact Adobe’s customers.

In addition to some functionality improvements, we’ve included additional questions to accelerate our vulnerability triage process. We welcome your feedback on the new form, as well as suggestions on ways to improve our process. You can always reach us via

Finally, we’ll be at Black Hat and DEF CON this year, and we’re looking forward to catching up with everyone who plans to attend. See you there!

Pieter Ockers
Program Manager, PSIRT

Recon 2013

Recon, held annually in Montreal, Canada, has a reputation for being one of the best technical security conferences in the world. I was once again privileged to attend Recon (June 21-23) and this year’s conference did not disappoint.

Slides from the conference are up here on the conference Web site. As a security defender, I especially enjoyed learning about the innards of EMET 4.0 from Elias Bachaalany of the Microsoft Security Response Center (MSRC). Christopher Domas’s talk on using visualization for reverse engineering will strike a chord with anyone who has thought about using the human brain’s formidable pattern-recognition capabilities for sifting through masses of data — in this case, binary data.

Recon is known for assembling researchers from the US, Canada, Europe, and many other parts of the world and it was fun, as always, to engage in conversations with friends, colleagues, partners, and the independent research community.

Vieux-Montréal (Old Montreal) is a 15-minute walk away from the conference venue and at sunset it is more than pleasant there:





Until belle Montreal beckons again!

Karthik Raman
Security Researcher