by Michael Mimoso October 27, 2015 , 1:05 pm
Adobe today updated Shockwave player, patching one privately disclosed memory corruption vulnerability in the software.
Adobe gave the vulnerability, CVE-2015-7649, its highest criticality rating, though there are no known public exploits for this flaw.
The vulnerability, Adobe said, could allow an attacker to remotely execute code and take control over the vulnerable machine.
The flaw affects Windows and Macintosh versions of Shockwave 12.2.0.162 and earlier, and users are urged to update to 12.2.1.171.
Full Article
Thanks Jeff! Today I don't use Shockwave and I don't know the last time I needed it so in most cases just remove it from your PC IMO.
Daniel 😉
Daniel 😉
I have not used it for years either Daniel, I have just not needed it for anything at all.@ wrote:
Thanks Jeff! Today I don't use Shockwave and I don't know the last time I needed it so in most cases just remove it from your PC IMO.
Daniel ;)
However this patch is still making headlines with big headlines.
Shockwave player flaw exposes 450 million users at risk of hack
450 million is an awful lot of users - I don't believe that I've ever been one though.
I notice from Wiki that it "it bundles a component of Adobe Flash that is more than 15 months behind on security updates, and which can be used to backdoor virtually any computer running it".
Hardly surprising that it is a security disaster!
Nemo
I notice from Wiki that it "it bundles a component of Adobe Flash that is more than 15 months behind on security updates, and which can be used to backdoor virtually any computer running it".
Hardly surprising that it is a security disaster!
Nemo
You would think that by now, Flash would be obsolete.... from US-CERT:
Adobe Releases Security Update for Shockwave PlayerOriginal release date: October 27, 2015
Adobe has released a security update for Adobe Shockwave Player. Exploitation of this vulnerability could potentially allow an attacker to take control of the affected system.
Users and administrators are encouraged to review Adobe Security Bulletin APSB15-26(link is external) and apply the necessary updates.
Source: https://www.us-cert.gov/ncas/current-activity/2015/10/27/Security-update-available-Adobe-Shockwave-Player
Adobe Releases Security Update for Shockwave PlayerOriginal release date: October 27, 2015
Adobe has released a security update for Adobe Shockwave Player. Exploitation of this vulnerability could potentially allow an attacker to take control of the affected system.
Users and administrators are encouraged to review Adobe Security Bulletin APSB15-26(link is external) and apply the necessary updates.
Source: https://www.us-cert.gov/ncas/current-activity/2015/10/27/Security-update-available-Adobe-Shockwave-Player
I have found no use for Shockware either ... but thank for the post. You never know .. someone may be using it.
For one's that use Shockwave here is another update:
Adobe Shockwave Player 12.2.1.172https://get.adobe.com/shockwave/
Daniel 😉
Adobe Shockwave Player 12.2.1.172https://get.adobe.com/shockwave/
Daniel 😉
Thanks Daniel. Some news channels still use it and if I don't have it, I stare at a black screen and then say OH@ wrote:
For one's that use Shockwave here is another update:
Adobe Shockwave Player 12.2.1.172https://get.adobe.com/shockwave/
Daniel ;)
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.