Adobe patches Shockwave bigtime

Fixes 20 vulnerabilities

By Inquirer staff

Wed Aug 25 2010, 10:16

VULNERABLE ISN'T THE WORD for Adobe's Shockwave media player that is getting a whopping big patch to cover 20 security holes.

The patches cover Adobe's Shockwave Player 11.5.7.609 for both the Windows and Mac platforms and the company is rating the update as critical.

"The vulnerabilities could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system," Adobe said in a security advisory.

Of the 20 holes, 18 fixes cover problems that would allow remote code execution on affected systems. One could allow a denial of service attack and the final flaw would allow a denial attack and could theoretically be exploited to allow remote code execution. Allegedly no attacks have been spotted in the wild yet, however.

Adobe has been plagued by a series of attacks on its software by hackers looking to exploit its popularity. The company has shifted to a monthly patching cycle and partnered with Microsoft to share security information with third parties. µ

Newly patched Safari flaws pose serious risks A proof-of-concept remote code execution exploit is available Thursday, 13 October 2011, 11:26 AM Read more	Adobe patches critical vulnerabilities in Flash Player Attacks are already seen in the wild Thursday, 22 September 2011, 10:06 AM Read more
Microsoft and Adobe release security updates Remote code execution flaws patched Wednesday, 14 September 2011, 13:32 PM Read more	Mega patch day passes for Microsoft and Adobe Acrobat sandboxed, but Flash needs another fix Wednesday, 15 June 2011, 11:52 AM Read more
Microsoft fixes Pwn2own Internet Explorer hole Along with 63 other software vulnerablities Wednesday, 13 April 2011, 11:14 AM Read more	Adobe Flash Player is hit by zero-day attacks again A recurring case of deja vu Tuesday, 12 April 2011, 11:18 AM Read more

< Previous article| Next article >

Comments

There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.

INQ White papers

Databases

Network management

Security

Service oriented architecture

Storage

INQ Jobs

Service Transition Analyst

ITIL V3 Service Transition ...

INQ Poll

Authorities in several countries raided Megaupload recently, shut down all of its services, seized hundreds of servers and arrested several of its executives on criminal charges.

Do you think the move was justified?

Yes, companies should suffer an immediate death penalty upon being accused of copyright infringement.

Yes, the coppers said the company was breaking the law so it must be guilty.

No, the company and the people accused are innocent until proven guilty.

No, the company had millions of customers who have been harmed by having access to their data files cut off.

I don't care, I never used Megaupload anyway.

View other polls

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Salary Calculator

Search for a job:

Recruitment Agency A-Z Directory

Accreditations:

Digital Publisher of the Year 2010

Adobe patches Shockwave bigtime

Share this:

RIM Playbook OS 2.0 and Blackberry 7.1 video demo

Nokia Lumia 710 video review