Adobe Fixes Shockwave Holes

Thursday, September 10, 2015 @ 04:09 PM gHale


Adobe released an updated version of its Shockwave Player for Windows to resolve two critical vulnerabilities.

The two memory corruption vulnerabilities rate as “critical” and have received a priority level 1, because they could enable an attacker to take control over an affected systems and execute malicious code.

RELATED STORIES
Adobe Patches ColdFusion Vulnerability
Adobe Issues Hotfix
Exploit Kit Uses Flash Vulnerabilities
Flash Zero Days Abound

Tongbo Luo of Palo Alto Networks discovered the vulnerabilities.

All of the Adobe Shockwave Player version 12.1.9.160 and earlier releases suffer from the issues, according to Adobe’s security bulletin. The current release of the software, version 12.2.0.162, resolves the problems.

While Adobe is not aware of any exploits targeting the vulnerabilities, users should update their Shockwave Player installations as soon as possible.

The Shockwave Player security update is the fourth in a recent series of releases that Adobe has pushed out over the past several weeks in an attempt to resolve security flaws in its products.



Leave a Reply

You must be logged in to post a comment.