Revision as of 17:34, 10 July 2024 edit 2a02:3102:6809:fff0:157c:abb3:5ccc:b082 (talk) No edit summary Tags: Reverted Visual edit Mobile edit Mobile web edit ← Previous edit		Revision as of 17:35, 10 July 2024 edit undo 2a02:3102:6809:fff0:157c:abb3:5ccc:b082 (talk) No edit summary Tags: Reverted Visual edit Mobile edit Mobile web edit Next edit →
Line 74: == Security == Some security experts advise users to uninstall Adobe Shockwave Player because "it bundles a component of Adobe Flash that is more than 15 months behind on security updates, and which can be used to backdoor virtually any computer running it", in the words of [[Brian Krebs]]. This opinion is based on research by Will Dormann, who goes on to say that Shockwave is architecturally flawed because it contains a separate version of the Flash runtime that is updated much less often than Flash itself.<ref>{{cite web\|last1=Pauli \|first1=Darren \|title=Shockwave shocker: Plugin includes un-patched version of Flash \|url=https://www.theregister.co.uk/2014/05/23/shockwave_shocker_movie_box_riddled_with_0day_archive_of_antiquity/ \|website=The Register \|archive-url=https://web.archive.org/web/20140523185931/http://www.theregister.co.uk/2014/05/23/shockwave_shocker_movie_box_riddled_with_0day_archive_of_antiquity/ \|archive-date=May 23, 2014 \|date=May 23, 2014 \|url-status=live }}</ref> Additionally Krebs writes that "Shockwave has several modules that don't opt in to trivial exploit mitigation techniques built into Microsoft Windows, such as [[Microsoft-specific exception handling mechanisms\|SafeSEH]]."<ref>{{cite web\|last1=Krebs \|first1=Brian \|title=Why You Should Ditch Adobe Shockwave \|url=http://krebsonsecurity.com/2014/05/why-you-should-ditch-adobe-shockwave/ \|website=Krebs on Security blog \|archive-url=https://web.archive.org/web/20140525065654/http://krebsonsecurity.com/2014/05/why-you-should-ditch-adobe-shockwave/ \|archive-date=May 25, 2014 \|date=May 21, 2014 \|url-status=live }}</ref><ref>{{cite web\|last1=Goodin \|first1=Dan \|title=Adobe Shockwave bundles Flash that's 15 months behind on security fixes \|url=https://arstechnica.com/security/2014/05/adobe-shockwave-bundles-flash-thats-15-months-behind-on-security-fixes/ \|website=Ars Technica \|archive-url=https://web.archive.org/web/20140522162824/http://arstechnica.com/security/2014/05/adobe-shockwave-bundles-flash-thats-15-months-behind-on-security-fixes/ \|archive-date=May 22, 2014 \|date=May 21, 2014 \|url-status=live }}</ref> ==Branding and name confusion==

Adobe Shockwave Player: Difference between revisions