James Delahunty
20 Jan 2010 20:00
Adobe Systems has issued updates for Shockwave 11.5.2.602 and earlier on the Windows and Mac operating systems aimed at patching serious security bugs with the player. The bugs could potentially allow malicious code to be executed on computers that use the software. The integer overflow and buffer overflow flaws are fixed by an upgrade that Adobe is strongly urging all of its users to install.
It estimates that ShockWave has been installed on over 450 million Internet-enabled Desktops. In order to install a newer version of the Shockwave player however, users need to manually uninstall the older vulnerable version of the software, reboot and then install the newer version. Other Adobe products use automatic update utilities to get newer versions, which will ensure a much higher rate of patching then manual installation.
The update will install Shockwave v11.5.6.606.
More info: http://www.adobe.com/products/shockwaveplayer/