Adobe Releases Security Patches for Shockwave Player

Adobe Systems recently (November 4, 2009), issued an update to patch vulnerabilities in its Shockwave Player and suggested users that they should install new version 11.5.2.602 as a guard against online assaults exploiting the flaws.

By assigning a "critical" rating to the update, Adobe made the security bulletin one of highest priority for flaws, which (if exploited) could let surreptitious execution of remote code by a hacker on a user's computer.

Moreover, the update addresses four different security flaws of which three relate to string length, pointer and invalid index issues that could let the execution of remote code, while the fourth one relates to an issue of boundary condition with which an attacker could create a Denial-of-Service situation.

Describing Shockwave Player, Adobe said - it displays content developed by the company's Director Program. This program presents sophisticated devices for creating Flash and other interactive content. The Director Program also helps to create high-quality images, 3D models and long-form or full-screen digital content, and allows more control over them in terms of the method of their display. Earlier during July 2009, Adobe had released an update to mend its Shockwave Player.

It has been noticed that hackers often target security flaws in third-party software. With flaws in Windows abating, hackers are searching for problems in third-party applications for exploitation and subsequent compromise of computers.

Besides, Adobe's programs are often attacked because of their wide acceptance. Thus, applications like Acrobat and Reader, and Flash have been exploited many times to take control of PCs.

However, Adobe suggests that people using Shockwave Player 11.5.1.601 and previous editions upgrade to version 11.5.2.602 because hackers could exploit Player's vulnerabilities to compromise system when a user goes to a malware ridden website through Firefox or Internet Explorer.

During June 2009, Adobe patched a similar flaw, which could lead to compromise of an affected system. Consequently, it required Shockwave Player to be wholly un-installed, system rebooted and version 11.5.0.600 re-installed. Later in July 2009, patches for three more vulnerabilities were issued after the discovery of problem in the Active Template Library of Microsoft.

Related article: Adobe Rates Acrobat Vulnerabilities “Critical”

» SPAMfighter News - 19-11-2009

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial