Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Adobe Updates Shockwave Player - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe Updates Shockwave Player

This one fell between the cracks yesterday. Adobe released one bulletin yesterday for patch Tuesday [1]. The update fixes two vulnerabilities in Adobe's Shockwave player.

All versions of Shockwave Player prior to 12.2.0.162 are vulnerable and Adobe assigned this patch a priority rating of 1, indicating that the vulnerability has already been exploited in targeted attacks.

[1] https://helpx.adobe.com/security/products/shockwave/apsb15-22.html

 

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

I will be teaching next: Defending Web Applications Security Essentials - SANS Munich July 2019

Johannes

3537 Posts
ISC Handler
Does anything still use Shockwave? I can't remember having it installed on any systems I manage in probably five years. Even then, it was only for a couple "educational game" websites that were used by only a handful of teachers in one school district.
Anonymous

Sign Up for Free or Log In to start participating in the conversation!