- This vulnerability affects: Adobe Shockwave Player 184.108.40.2063 and earlier, running on Windows and Macintosh computers
- How an attacker exploits it: By enticing your users into visiting a website containing a malicious Shockwave content
- Impact: An attacker can execute code on your computer, potentially gaining control of it
- What to do: If you allow the use of Shockwave in your network, you should download and deploy the latest version (220.127.116.114) of Adobe Shockwave Player as soon as possible.
Adobe Shockwave Player displays interactive, animated web content and movies called Shockwave. According to Adobe, the Shockwave Player is installed on hundreds of millions of PCs.
In a security bulletin released late Tuesday, Adobe warned of nine critical vulnerabilities that affect Adobe Shockwave Player 18.104.22.1683 for Windows and Macintosh (as well as all earlier versions). Adobe’s bulletin doesn’t describe the flaws in much technical detail. For the most part, the flaws consist of memory related vulnerabilities, including heap buffer overflows and other memory corruption flaws. Though the flaws differ technically, they all share the same general scope and impact. If an attacker can entice one of your users into visiting a website containing some sort of malicious Shockwave content, he could exploit any of these vulnerabilities to execute code on that user’s computer, with that user’s privileges. If your Windows users have local administrator privileges, an attacker could exploit this flaw to gain full control of their PC.
If you use Adobe Shockwave in your network, we recommend you download and deploy the latest version as soon as you can.
Adobe has released Shockwave Player version 22.214.171.1244 to fix these security flaws. If you use Adobe Shockwave in your network, we recommend you download and deploy the updated player as soon as possible. You can get it from the link below.
For All WatchGuard Users:
If you choose, you can configure the HTTP proxy on your XTM appliance to block Shockwave content. Keep in mind, doing so blocks all Shockwave content, whether legitimate or malicious.
Our proxies offer many ways for you to block files and content, including by file extension, MIME type, or by using very specific hexidecimal patterns found in the body of a message – a technique sometimes referred to as Magic Byte detection. Below I list the various ways you can identify Shockwave files:
- .swf – Adobe Shockwave files
FILExt.com reported Magic Byte Pattern:
- Hex: 46 57 53
(We believe this pattern is too short, thus prone to false positives. We don’t recommend you use it)
If you decide you want to block Shockwave files, the links below contain instructions that will help you configure your Firebox proxy’s content blocking features using the file and MIME information listed above.
- XTM Appliance with WSM 11.x
- Firebox X Edge running 10.x
- Firebox X Core and X Peak running Fireware 10.x
Adobe has released a Shockwave Player update to fix these vulnerabilities.
Locksmith Conroe Tx says
Thank you for sharing your thoughts. I really appreciate your efforts and
I will be waiting for your further post thanks once again.
I do believe all of the ideas you have offered for your post.
They’re very convincing and will certainly work.
Still, the posts are too brief for beginners.
Could you please extend them a little from next time?
Thanks for the post.
Gift Market says
hi!,I love your writing very so much! proportion we keep in touch more
approximately your post on AOL? I require an expert in this house to resolve my problem.
May be that’s you! Having a look ahead to see you.