Six critical vulnerabilities in Adobe Shockwave patched

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Adobe ShockwaveIf your Windows or Mac computer uses the Adobe Shockwave Player, it’s time to update your systems.

Adobe has issued an advisory, warning of a number of security vulnerabilities in its Shockwave media player software, and is urging users to update to Adobe Shockwave Player 11.6.8.638.

According to the firm, the update addresses vulnerabilities that could allow attackers to run malicious code on affected systems. Specifically, it addresses buffer overflow and array out of bounds vulnerabilities that could lead to code execution.

In plain English, unless you are up-to-date with your patches boobytrapped Shockwave content could infect your computer with a Trojan horse or other form of malware.

Sign up to our free newsletter.
Security news, advice, and tips.

Adobe recommends that users of Adobe Shockwave Player 11.6.7.637 and earlier update to the new version 11.6.8.638 immediately. It’s available from Adobe’s website at get.adobe.com/shockwave/.

Note that Adobe Shockwave is a different technology from the more commonly encountered Flash software from the same company.

Many users may not have any requirement for Shockwave. You can check if your computer currently has Shockwave installed by visiting this page on the Adobe website.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.