Adobe has released a security update to address critical vulnerabilities for _Adobe Shockwave Player _12.0.7.148 and earlier versions of the Windows and Mac OS X systems.
The Patch fixes two critical remote code execution vulnerabilities, that could potentially allow an attacker to remotely take control of the affected system.
According to the Security Advisory released by Adobe, the vulnerabilities labeled as CVE-2014-0500 and CVE-2014-0501, and very limited information is available at this moment. These vulnerabilities discovered and reported by_ Liangliang Song _of Fortinetβs FortiGuard Labs.
βAn attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.β advisory explained.
Adobe gave the update its highest βPriority Rankingβ of 1, which indicates that a vulnerability is actively being targeted, or has a higher risk of being targeted by exploits in the wild.
The Adobe Shockwave Player version can be verified by visiting βthis websiteβ, and if it prompts you to download Adobe Shockwave Player, that means you havenβt installed it.
Windows and Mac OS X users are recommended to update their Adobe Shockwave Player 12.0.7.148 and earlier versions update to the newest version Adobe Shockwave Player 12.0.9.149.