Thursday, June 25, 2009

Adobe Shockwave critical update

Critical Adobe Shockwave flaw affects millions

Adobe’s Shockwave Player contains a critical vulnerability that could be exploited by remote hackers to take complete control of Windows computers, according to a warning from Adobe.

The flaw affects Adobe Shockwave Player and earlier versions. Details from Adobe’s advisory:

"This vulnerability could allow an attacker who successfully exploits this vulnerability to take control of the affected system. Adobe has provided a solution for the reported vulnerability (CVE-2009-1860). This issue was previously resolved in Shockwave Player; the Shockwave Player update resolves a backwards compatibility mode variation of the issue with Shockwave Player 10 content. To resolve this issue, Shockwave Player users on Windows should uninstall Shockwave version and earlier on their systems, restart, and install Shockwave version, available here

This issue is remotely exploitable.

No comments: