Security News

Adobe Patches Critical Flaws in Flash and Shockwave

Posted on February 13th, 2013 by

In two separate security updates, Adobe released new versions of its Flash Player and Shockwave Player to address vulnerabilities in the software. Both software updates address critical vulnerabilities and Adobe recommends users update their product installations to the latest versions.

The security issues addressed in Adobe Flash Player 11.5.502.149 and earlier versions affect all operating systems, resolving flaws that could cause a crash and potentially allow an attacker to take control of the affected system. Security updates for Adobe Shockwave Player 11.6.8.638 and earlier versions fix flaws that affect the Macintosh and Windows platforms, “[addressing] vulnerabilities that could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system,” the company said.

Adobe’s Flash Player update fixes a combined 17 flaws (CVEs), as indicated below:

The software update for Adobe Shockwave Player fixes two flaws, described in more detail below:

  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2013-0635).
  • This update resolves a stack overflow vulnerability that could lead to code execution (CVE-2013-0636).

Users of Adobe Flash Player 11.5.502.149 and earlier versions for Mac OS X should download the 16.15 MB update to Adobe Flash Player 11.6.602.167 as soon as possible. Flash Player installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 11.6.602.167 for Mac, Linux, and Windows platforms. Users of Adobe AIR 3.5.0.1060 and earlier versions for Mac should download the 26.6 MB update to Adobe AIR 3.6 (version 3.6.0.597). Lastly, users of Adobe Shockwave Player 11.6.8.638 and earlier versions for Mac and Windows should download the 12.9 MB update to the newest Shockwave Player version 12.0.0.112.

  • 1Biodegradable1

    Shockwave Player version 12.0.0.112 will not run on Mac OS 10.6.8 and the available uninstaller hangs and requires a force quit.

    It seems no Shockwave player is now available for OS 10.6.8?

Join Our Awesome Email Newsletter

Enter your email address below to start receiving the best Mac Security Updates.

{"url":"\/marketo\/json\/add-to-newsletter","data":"list_name=Blog Roadblock"}