Adobe today updated Shockwave player, patching one privately disclosed memory corruption vulnerability in the software.
Adobe gave the vulnerability, CVE-2015-7649, its highest criticality rating, though there are no known public exploits for this flaw.
The vulnerability, Adobe said, could allow an attacker to remotely execute code and take control over the vulnerable machine.
The flaw affects Windows and Macintosh versions of Shockwave 220.127.116.11 and earlier, and users are urged to update to 18.104.22.168.
Adobe last updated Shockwave in September when it patched two critical vulnerabilities, both of which were memory corruption issues similar to today’s update.