Critical Security Vulnerabilities in Adobe Shockwave Player


« Windows 7 Virus Vulnerabilities: Is It Getting Better? | Main | November 2009 Microsoft Patches Several Programs »

11/05/2009



Critical Security Vulnerabilities in Adobe Shockwave Player

Kevin R. Smith
Co-Editor


Let's cut to the chase: patch your Adobe Shockwave. There are four different critical vulnerabilities in the Adobe Shockwave Player that lets an attacker remotely execute the code of their choosing on your PC.

Download Adobe Shockwave

  Vulnerability Cause Why It Matters
  an invalid index when handling certain Shockwave content could be exploited to execute arbitrary code by tricking a user into visiting a specially crafted web page
  an invalid pointer when processing certain Shockwave content, which could be exploited to execute arbitrary code by tricking a user into visiting a specially crafted web page. same
  an invalid pointer when handling certain Shockwave content, which could be exploited to execute arbitrary code by tricking a user into visiting a specially crafted web page. same
  a memory corruption related to string processing, which could be exploited to execute arbitrary code by tricking a user into visiting a specially crafted web page. same



It isn't clear how much these threats can be mitigated by Internet security software, but typically the best antivirus firewalls do help mitigate these types of attacks.

Whatever the case though please take a minute now and update your Shockwave player. It's worth the time to eliminate this simple to exploit attack vector.

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a0133f40d81f4970b0134876490f0970c

Listed below are links to weblogs that reference Critical Security Vulnerabilities in Adobe Shockwave Player :

Comments

You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.