Adobe patches critical flaw in Shockwave Player

Adobe patches critical flaw in Shockwave Player

Summary: Memory corruption vulnerabilities in the Player could lead to complete system compromise. The new version is 12.0.9.149.

SHARE:
TOPICS: Security
5

Adobe Shockwave Player 12.0.7.148 and earlier versions for Windows and Macintosh are vulnerable to attack through a memory corruption vulnerabilities.

The vulnerabilities have an Adobe Priority Rating of 1, which Adobe explains as:

    This update resolves vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild for a given product version and platform. Adobe recommends administrators install the update as soon as possible. (for example, within 72 hours).

The updated version of Shockwave Player is 12.0.9.149. Users may obtain it from http://get.adobe.com/shockwave/.

The vulnerabilities were found by Liangliang Song of Fortinet's FortiGuard Labs.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

5 comments
Log in or register to join the discussion
  • Thanks!

    Larry, just wanted to say thanks for all the heads-up over the years.
    Can't tell you how valuable they have been. :)
    Compumind
    • You're welcome

      And thank you for brightening up my day
      larry@...
  • Please...

    Keep up the good work!
    Compumind
  • shockwave bites

    When are they ever going to get it to compatibly work with browsers? Freezing the whole computer(s) several times a week or causing navigation problems. For months. Finally removed sockwave yesterday so navigation would return. Relief!
    nuzerxe
  • good guys

    The best thing that adobe guys did is not to have a Linux version, good guys , they won't contaminate Linux.
    Linguini44