Adobe Patches Shockwave Player Flaws

A critical update for Adobe's Shockwave Player addresses several security vulnerabilities, most of which leave users open to having their systems hijacked.

Adobe Systems patched 20 bugs in its Shockwave Player in a critical update Aug. 24.

The vulnerabilities were "identified in Adobe Shockwave Player and earlier versions [running] on Windows and Macintosh systems," the company said. Almost all of the bugs are memory corruption issues that, if triggered, could allow an attacker to execute code. According to Adobe, none of the issues are currently being exploited in the wild.

The collection of vulnerabilities also includes some denial-of-service issues.

So far in August, Adobe has released updates for Adobe Flash Player, ColdFusion and Flash Media Server. The company also pushed out an emergency fix for Adobe Reader to plug a security hole revealed at the Black Hat conference in July.

In an effort to improve security, Adobe recently announced plans to add sandboxing technology to Adobe Reader.