Adobe patches critical vulnerability in Shockwave Player
Adobe has released version 11.5.0.600 of its Shockwave Player to fix a critical security vulnerability. According to Adobe, the critical vulnerability could be used by an attacker to compromise and take control of a users system. For an attack to be successful, a victim must first open a manipulated Shockwave file. More details about the vulnerability, however, have not been released.
Shockwave 11.5.0.596 and previous versions are affected by the vulnerability. To update to the new release, users must first un-install the old player, restart their system and then install the new version. Adobe recommends that all users update to the latest release.
The Adobe Shockwave Player is a quasi-big brother of the Flash Player and includes a much wider range of functions. Typically, it's used for more complex, interactive presentations, games and other applications. It's likely that most users only have the Adobe Flash Player installed, which is not affected.
See also:
- Security Update available for Shockwave Player, security advisory from Adobe.
(crve)