Contact Us Today! (215) 853-2266

Bardissi Enterprises Blog

Bardissi Enterprises has been serving the Hatfield area since 2000, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Latest Version of Adobe ShockWave Corrects a Pair of Critical Flaws

Latest Version of Adobe ShockWave Corrects a Pair of Critical Flaws

Summary:

$1·         This vulnerability affects: Adobe Shockwave Player 12.0.7.148 and earlier, running on Windows and Macintosh computers

$1·         How an attacker exploits it: By enticing your users into visiting a website containing a malicious Shockwave file

$1·         Impact: An attacker can execute code on your computer, potentially gaining control of it

$1·         What to do: If you allow the use of Shockwave in your network, you should download and deploy the latest version (12.0.9.149) as soon as possible.

Exposure:

Adobe Shockwave Player displays interactive, animated web content and movies called Shockwave. According to Adobe, the Shockwave Player is installed on some 450 million PCs.

In a security bulletin released Tuesday, Adobe warned of two critical vulnerabilities that affect Adobe Shockwave Player 12.0.7.148  for Windows and Macintosh (as well as all earlier versions). Adobe's bulletin doesn't describe the flaws in much technical detail, only describing them as memory corruption vulnerabilities. The flaws share the same general scope and impact. If an attacker can entice one of your users into visiting a website containing some sort of malicious Shockwave content, he could exploit either of these vulnerabilities to execute code on that user's computer, with that user's privileges. If your Windows users have local administrator privileges, an attacker could exploit this flaw to gain full control of their PC.

If you use Adobe Shockwave in your network, we recommend you download and deploy the latest version as soon as you can.

As an aside, Adobe also released a security bulletin last week, fixing a zero day vulnerability in Flash Player. If you happened to miss that update, be sure to install it as well.

Solution Path

Adobe has released a new version of Shockwave Player, version 12.0.9.149. If you use Adobe Flash in your network, we recommend you download and deploy this updated player as soon as possible.

Status:

Adobe has released a Shockwave Player update to fix these vulnerabilities.

References:

·         Adobe's February 2014 Shockwave Player Security Bulletin

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, 23 December 2024
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Blog Archive

Recent Comments

Tip of the Week: Which Headphones are Right for Your Needs?
23 April 2018
I will recommend Plantronics Backbeat Pro 2 SE Noise cancelling Headset with it's Great features.
Gamification: Make Business Fun for Everyone
27 January 2017
The world is based on the games. There are many types of games as per the aussie essay writing servi...
Let's Talk Tablets
12 January 2017
The concept of tablet is far better than that of PC because you can bring them with you everywhere a...
Tip of the Week: Tweak Your Workday in These 4 Ways and See Major Results
12 January 2017
The only thing will I will say regarding this blog is that it is very helpful at least for me. As I ...
WatchGuard Releases Version 10.2.7 for WSM, Edge, Fireware, and Fireware Pro
23 December 2016
I really needed to know about the fireware but i was confused that where can i find information abou...