Malicious users are going wild again. It's so disappointing that they still have huge power over the online security world. This time, and probably not the last, attackers are targeting Adobe software products. To be more specific, I'm talking about Adobe Shockwave Player. A critical vulnerability was recently found in this particular software program. Adobe didn't give many details on the vulnerability but wrote that it is remotely exploitable. This means that a hacker could use it with the purpose of infecting a computer with malicious software, over the Internet.
Before providing an explanation as to how the vulnerability works and how it affects computer systems, let me enlighten you about the Adobe Shockwave Player application. If you have heard about it or know exactly what it is, then I consider this a reminder.
Shockwave Player is a commonly installed Web browser plug-in. It is used for displaying content configured by Adobe's Director program. It provides advanced functions to build interactive content, including Flash. The Director application can be used to make 3D models, high-quality images and full-screen or long-form digital content. In addition, it provides greater control over how those elements are displayed. Adobe states that Shockwave Player is installed on 450 million computers. One file related to Adobe Shockwave Player is swhelper_1020022.exe .
Now let us move on the impact of this vulnerability. By taking advantage of this specific vulnerability, an attacker will be able to take control of the affected system. The vulnerability is confirmed in versions before 22.214.171.1240. A manipulated or hacked site could use a security hole to install malicious software, If the visitor browses the site with an affected version of the media player software. If the vulnerability is exploited successfully, it may enable malicious users to execute arbitrary code.
Now that you are aware of how this vulnerability can be exploited, you may ask: What is the solution to this serious security issue? I‘m glad to tell you that Adobe Systems has issued a patch for its Shockwave Player vulnerability. The Shockwave Player 126.96.36.1990 update resolves a backwards compatibility mode variation of the issue with Shockwave Player 10 content. Users are highly recommended to apply the update and upgrade their installations. Shockwave Player users utilizing Windows, are advised by Adobe to uninstall the old Shockwave versions 188.8.131.526 and earlier, reboot the system and install the new Shockwave version 184.108.40.2060.