![]() Few sites require it (I can’t recall ever encountering a site that required Shockwave), so not that many Mac users are likely to have it installed. The one saving grace here is the lack of any significant need for Shockwave. (Although conclusive reports were never released, it was believed at that time to be used to infect targeted users with the Crisis, aka Remote Control System DaVinci, malware.) The fact that Shockwave’s Flash component has not been updated during that time may possibly mean that it is also vulnerable to attack, and possibly that it is already being used for such attacks. ![]() I won’t be surprised if Apple blocks the current version of Shockwave, as they have done with vulnerable versions of Flash and Java in the past, but don’t wait for that to happen… remove Shockwave today!įlash Player has been updated numerous times since January 2013, and at one point in early 2013 was reported to be in active use in dropping Mac malware on vulnerable machines. Yesterday, Brian Krebs announced a shocking discovery: Adobe Shockwave Player includes an Adobe Flash Player component that has not received any security fixes since January 2013! This is a very serious security failure on Adobe’s part.
0 Comments
Leave a Reply. |