Update Adobe Shockwave Player to fix Critical Remote Code Execution Vulnerabilities

By | 21:45 Leave a Comment

Update Adobe Shockwave Player to fix Critical Remote Code Execution Vulnerabilities
Adobe has released a security update to address critical vulnerabilities for Adobe Shockwave Player12.0.7.148 and earlier versions of the Windows and Mac OS X systems.

The Patch fixes two critical remote code execution vulnerabilities, that could potentially allow an attacker to remotely take control of the affected system.

According to the Security Advisory released by Adobe, the vulnerabilities labeled as CVE-2014-0500 and CVE-2014-0501, and very limited information is available at this moment. These vulnerabilities discovered and reported by Liangliang Song of Fortinet's FortiGuard Labs.

'An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.' advisory explained.

Adobe gave the update its highest 'Priority Ranking' of 1, which indicates that a vulnerability is actively being targeted, or has a higher risk of being targeted by exploits in the wild.

The Adobe Shockwave Player version can be verified by visiting 'this website', and if it prompts you to download Adobe Shockwave Player, that means you haven't installed it.

Windows and Mac OS X users are recommended to update their Adobe Shockwave Player 12.0.7.148 and earlier versions update to the newest version Adobe Shockwave Player 12.0.9.149.
Newer Post Older Post Home

0 comments: