Adobe Fixes Shockwave Holes
Thursday, September 10, 2015 @ 04:09 PM gHale
Adobe released an updated version of its Shockwave Player for Windows to resolve two critical vulnerabilities.
The two memory corruption vulnerabilities rate as “critical” and have received a priority level 1, because they could enable an attacker to take control over an affected systems and execute malicious code.
Tongbo Luo of Palo Alto Networks discovered the vulnerabilities.
All of the Adobe Shockwave Player version 22.214.171.124 and earlier releases suffer from the issues, according to Adobe’s security bulletin. The current release of the software, version 126.96.36.199, resolves the problems.
While Adobe is not aware of any exploits targeting the vulnerabilities, users should update their Shockwave Player installations as soon as possible.
The Shockwave Player security update is the fourth in a recent series of releases that Adobe has pushed out over the past several weeks in an attempt to resolve security flaws in its products.