Critical Security Fix for Adobe Shockwave Player
Adobe Systems Inc. on Tuesday issued a software update to fix a critical security flaw in its Shockwave Player, a commonly installed Web browser plug-in. According to Adobe, a malicious or hacked site could use the security hole to install malicious software if the visitor merely browses the site with a vulnerable version of the media player software.
The flaw exists in Shockwave Player (also known as Macromedia Shockwave Player) version 18.104.22.1686 and earlier. To find out whether Shockwave is installed and which version may be on your PC, visit this site.
In a posting to its security blog, Adobe said it is not aware of any exploits in the wild for this vulnerability.
Adobe recommends Shockwave Player users on Windows uninstall Shockwave version 22.214.171.1246 and earlier on their systems, restart and install Shockwave version 126.96.36.1990, available here.
Readers should be aware that by default this patch will also try to install Symantec's Norton Security Scan, a clever marketing tool by Symantec that checks to see if you have malware on your system and then prompts you to buy their software to remove any found items. I find the bundling of a serious security update with this otherwise useless tool annoying, and potentially counter-productive. It makes you wonder: Did Symantec come up with this marketing tactic on their own, or did they borrow the idea from the people pushing rogue anti-virus products (or was it the other way around?) At any rate, if you don't want this extra software, be sure to deselect that option before proceeding with the update.
June 25, 2009; 7:00 AM ET
Categories: New Patches , Safety Tips | Tags: adobe shockwave
Save & Share: Previous: Microsoft Debuts Free Antivirus Software Beta
Next: Ex-DHS Cyber Chief Tapped as President of ICANN
Posted by: jxl2 | June 25, 2009 9:03 AM | Report abuse
Posted by: PC-tech | June 25, 2009 9:13 AM | Report abuse
Posted by: ummhuh1 | June 25, 2009 12:30 PM | Report abuse
Posted by: eiverson1 | June 25, 2009 2:46 PM | Report abuse
Posted by: CB12 | June 25, 2009 3:17 PM | Report abuse
Posted by: Hoku1 | June 25, 2009 3:37 PM | Report abuse
Posted by: JBV1 | June 26, 2009 2:33 PM | Report abuse
Posted by: BTKrebs | June 26, 2009 3:29 PM | Report abuse
Posted by: b_100666 | July 1, 2009 11:21 AM | Report abuse
The comments to this entry are closed.