Sophos Cloud Optix
If your Windows or Mac computer uses the Adobe Shockwave Player, it’s time to update your systems.
Adobe has issued an advisory, warning of a number of security vulnerabilities in its Shockwave media player software, and is urging users to update to Adobe Shockwave Player 11.6.8.638.
According to the firm, the update addresses vulnerabilities that could allow attackers to run malicious code on affected systems. Specifically, it addresses buffer overflow and array out of bounds vulnerabilities that could lead to code execution.
In plain English, unless you are up-to-date with your patches boobytrapped Shockwave content could infect your computer with a Trojan horse or other form of malware.
Adobe recommends that users of Adobe Shockwave Player 11.6.7.637 and earlier update to the new version 11.6.8.638 immediately. It’s available from Adobe’s website at get.adobe.com/shockwave/.
Note that Adobe Shockwave is a different technology from the more commonly encountered Flash software from the same company.
Many users may not have any requirement for Shockwave. You can check if your computer currently has Shockwave installed by visiting this page on the Adobe website.
HOW LONG WILL IT TAKE ADOBE TO TELL US THAT THERE IS A PROBLEM WITH THIS NEW VERSION.?
about as long as it takes for the next zero day expolit
Thanks for the blog post on this security update.
Since Adobe released this update along with a security advisory on Tuesday afternoon (UK time), why did it take so long to create this blog post?
I don’t mean any offense or lack of gratitude when I write this. I simply want to point out that for security articles to provide the notifications and awareness they are supposed to convey, they also need to be timely. Perhaps this blog post could have been created on Wednesday, the 24th of October?
Thanks.
Can't remember the last time I needed Shockwave in my browser. Is it still used for anything?