Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe Updates Shockwave Player

This one fell between the cracks yesterday. Adobe released one bulletin yesterday for patch Tuesday [1]. The update fixes two vulnerabilities in Adobe's Shockwave player.

All versions of Shockwave Player prior to are vulnerable and Adobe assigned this patch a priority rating of 1, indicating that the vulnerability has already been exploited in targeted attacks.



Johannes B. Ullrich, Ph.D.

I will be teaching next: Intrusion Detection In-Depth - SANS Doha March 2022


4346 Posts
ISC Handler
Sep 9th 2015
Does anything still use Shockwave? I can't remember having it installed on any systems I manage in probably five years. Even then, it was only for a couple "educational game" websites that were used by only a handful of teachers in one school district.

Sign Up for Free or Log In to start participating in the conversation!