Martin's selection of few interesting IT Security, Privacy, and free tools from the Net: Strange and very bad - Adobe Shockwave provides its own version of the Flash runtime that is more than 15 months behind on security updates (according to Krebs}

Wednesday, May 21, 2014

Strange and very bad - Adobe Shockwave provides its own version of the Flash runtime that is more than 15 months behind on security updates (according to Krebs}

According to the article:-

Dormann said, the current version of Shockwave for both Windows and Mac systems lacks any of the Flash security fixes released since January 2013. By my count, Adobe has issued nearly 20 separate security updates for Flash since then, including fixes for several dangerous zero-day vulnerabilities.

Dormann said it may actually be easier for attackers to exploit Flash vulnerabilities via Shockwave than it is to exploit them directly against the standalone Flash plugin itself. That’s because Shockwave has several modules that don’t opt in to trivial exploit mitigation techniques built into Microsoft Windows, such as SafeSEH.

The link below has more information:-

http://krebsonsecurity.com/2014/05/why-you-should-ditch-adobe-shockwave/

Martin's selection of few interesting IT Security, Privacy, and free tools from the Net

Wednesday, May 21, 2014

Strange and very bad - Adobe Shockwave provides its own version of the Flash runtime that is more than 15 months behind on security updates (according to Krebs}

No comments:

Post a Comment

Popular Posts

Categories

Blog Archive