Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home > News > Webmaster > Internet Life

July 29th, 2009, 13:17 GMT · By

Adobe Releases Shockwave 11.5.0.601 to Fix a Critical Issue

SHARE:

Adjust text size:


Adobe has released the update ahead of schedule
Enlarge picture
Adobe has announced a new version of its Shockwave platform, which fixes a critical security vulnerability revealed by Microsoft yesterday in its Active Template Library (ATL). The vulnerability affected the Internet Explorer versions of Adobe's Shockwave player as well as Flash player. Shockwave 11.5.0.601 was released yesterday to remedy the problem and a new version of the Flash player will be released on July 30.

“Adobe Shockwave Player 11.5.0.600 and earlier versions on Windows leverages a vulnerable version of the Microsoft Active Template Library (ATL) described in Microsoft Security Advisory (973882). This vulnerability could allow an attacker who successfully exploits the vulnerability to take control of the affected system. Adobe has provided a solution for the reported vulnerability,” reads the Security Bulletin for the vulnerability.

The critical Microsoft vulnerability could potentially allow an attacker to run arbitrary code and take control of the system. The new update closes that vulnerability but Adobe still recommends users to install the Microsoft patch for the bug as well.

Adobe's Product Security Incident Response Team (PSIRT) announced that only Shockwave and Flash were affected by the bug, with the Adobe Reader browser plugin, Connect Pro, Flash Lite for mobile devices and other products safe from the vulnerability. Furthermore, the problem only extends to Internet Explorer on Windows whereas versions of the two plugins for Firefox and other browsers running on Windows as well as other platforms like Linux, Mac or Solaris are not affected.

The bug fix was integrated in a regularly scheduled update for Shockwave which also brings several other fixes. Most notably, a memory leak in the Physics module was fixed as was a Font Style problem. The GetPref() method was modified so that it will also read Shockwave 10 preferences if the ones for the latest version aren't available. Finally a problem with “Bounding Sphere” in Physics was also solved.


Adobe Shockwave Player 11.5.1.601 is available for download here.
FILED UNDER:
Adobe
Shockwave
Flash

TELL US WHAT YOU THINK:

2,150 hits · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:


Adobe Releases Security Updates for Acrobat and Adobe Reader
Adobe AIR Reaches 200 Million Installs
Adobe Takes a Week Off
Adobe ColdFusion 9 and ColdFusion Builder Betas Released
Adobe Income Drops 41 Percent in Q2

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2012 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use