Adobe zero-day flaw code published

A critical vulnerability for Adobe Shockwave Player has been discovered but no patch date has been confirmed.

Adobe Shockwave

The code for a zero-day vulnerability affecting Adobe Shockwave Player has been published and the software maker has not yet promised a patch date.

Adobe acknowledged the hole affecting Shockwave Player 11.5.8.612 and earlier versions on the Windows and Mac operating systems, after a researcher made the exploit code public.

If exploited, the flaw "could cause a crash and potentially allow an attacker to take control of the affected system," Adobe said.

"While details about the vulnerability have been disclosed publicly, Adobe is not aware of any attacks exploiting this vulnerability against Adobe Shockwave Player to date," the firm noted in a security advisory.

Adobe said it is currently working on getting a schedule together for an update to address the vulnerability in Shockwave Player.

The company shares information about this and other vulnerabilities through the Microsoft Active Protections Program, which it joined in July.

Sharing this information with partners in the security community enables them to "quickly develop detection and quarantine methods to protect users until a patch is available," Adobe assured.

"As always, Adobe recommends that users follow security best practices by keeping their anti-malware software and definitions up to date," the firm added.

IT PRO recently caught up with Brad Arkin, Adobe's director for product security and privacy, to talk about how the company tackles serious vulnerabilities such as the above.

Featured Resources

How to be an MSP: Seven steps to success

Building your business from the ground up

Download now

The smart buyer’s guide to flash

Find out whether flash storage is right for your business

Download now

How MSPs build outperforming sales teams

The definitive guide to sales

Download now

The business guide to ransomware

Everything you need to know to keep your company afloat

Download now

Recommended

HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021
Cyber attacks on manufacturing up 300% in a year
Security

Cyber attacks on manufacturing up 300% in a year

11 May 2021
US fuel pipeline hackers reveal their motive
ransomware

US fuel pipeline hackers reveal their motive

11 May 2021
Trend Micro and Snyk team up to combat open source flaws
vulnerability

Trend Micro and Snyk team up to combat open source flaws

10 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021