Adobe Fixes Shockwave Holes

Thursday, September 10, 2015 @ 04:09 PM gHale

Adobe released an updated version of its Shockwave Player for Windows to resolve two critical vulnerabilities.

The two memory corruption vulnerabilities rate as “critical” and have received a priority level 1, because they could enable an attacker to take control over an affected systems and execute malicious code.

Adobe Patches ColdFusion Vulnerability
Adobe Issues Hotfix
Exploit Kit Uses Flash Vulnerabilities
Flash Zero Days Abound

Tongbo Luo of Palo Alto Networks discovered the vulnerabilities.

All of the Adobe Shockwave Player version and earlier releases suffer from the issues, according to Adobe’s security bulletin. The current release of the software, version, resolves the problems.

While Adobe is not aware of any exploits targeting the vulnerabilities, users should update their Shockwave Player installations as soon as possible.

The Shockwave Player security update is the fourth in a recent series of releases that Adobe has pushed out over the past several weeks in an attempt to resolve security flaws in its products.