Adobe Corrects 18 Shockwave Security Flaws

Our security solution provider WatchGuard recently issued a high severity alert regarding 18 security flaws that affect Adobe Shockwave Player 11.5.6.606 and earlier versions running on Windows and Macintosh. For the most part, the flaws consist of memory-related vulnerabilities and various other memory corruption flaws. An attacker can exploit these flaws by enticing a user into visiting a website containing a malicious Shockwave file. Ultimately, the attacker can execute code onto the user’s computer and potentially gain full control of it.

Due to Adobe’s acquisition of the multimedia program Flash Player from Macromedia, Adobe Shockwave Player is being used less often and is therefore infrequently patched, making the application less secure and more vulnerable to attacks. In order to mitigate the potential risks involved in using this application, as part our Spring 2010 Seasons of Service program, 3D offered the removal of Adobe Shockwave Player from the workstations of clients for whom the use of the application was no longer necessary. Seasons of Service offers our 3DProActive™ Managed and Partner clients unique opportunities to receive valuable network maintenance to sustain ongoing reliability and security. 3D’s proactive removal of Shockwave has proven beneficial in keeping networks secure from the threats posed by the program’s recently-discovered flaws.

For those still using Adobe Shockwave on their network, WatchGuard recommends that users download and install the updated player as soon as possible.

If you would like additional information on how 3D can protect and manage your business network, please visit our website at www.3dcorp.us, email us at info@3dcorp.us, or call us at (360) 671-4906.

References: WatchGuard’s LiveSecurity Update “Adobe Corrects 18 Shockwave Security Flaws”