Adobe releases Shockwave Player 11.6.4r634, claims identification of nine critical security flaws

Posted by:
Date: Wednesday, February 15th, 2012, 09:03
Category: News, security, Software

It wasn’t the most exciting update in the universe yesterday, but if Adobe recommends you snag it and calls snagging it “critical”, then that’s a good indication of things.

Per MacNN, Adobe released Shockwave Player 11.6.4r634 on Tuesday, the new version following Adobe’s identification of nine “critical” vulnerabilities in Shockwave Player 11.6.3.633 and earlier versions for the Mac and Windows platforms that could allow attackers to run malicious code on the affected systems.

The company is advising all users to update to the latest version for their system version, but only the new v11.6.4.634 is protected from the vulnerabilities, which revolve around a memory corruption issue in Shockwave 3D assets.

Adobe’s Flash and Shockwave browser plug-ins suffered numerous security issues over the course of 2011, resulting in frequent patches and updates. The latest version of Shockwave addresses a heap overflow vulnerability as well, but all nine patched vulnerabilities give attackers the ability to execute code on affected machines.

Shockwave Player 11.6.4r634 is an 11.1 megabyte download and requires Mac OS X 10.4 or later to install and run.

If you’ve tried the new version and have any kind of feedback to offer, please let us know in the comments.

Recent Posts