Today Apple released Security Update 2007-009 for OSX 10.4 and 10.5. It includes both the Shockwave for Director and Flash Player Plug-ins.
The upside of this is that Apple thinks it is good to include Shockwave with a system update. Shockwave has been preinstalled on Macs for a LONG time now. The downside is that although the plug-in is update, it is the Rosetta-only Shockwave. It is getting so hard to deal with Rosetta. All I want for Chrismukkah is a MacIntel version of Shockwave.
This was the statement included with the security update:
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1
Impact: Opening maliciously crafted Shockwave content may lead to arbitrary code execution
Description: Multiple vulnerabilities exist in Shockwave Player. By enticing a user to open maliciously crafted Shockwave content, an attacker may cause arbitrary code execution. This update addresses the issues by updating Shockwave Player to version 10.1.1.016. Credit to Jan Hacker of ETH Zurich for reporting the problem in Shockwave.
And while on the topic of a MacIntel version of the Plug-in, it seems as if Director has been slightly delayed. Early in 2007 Adobe had said the 2nd half of 2007 for a new version, but that has now been pushed back to January 2008. Read more in the Director FAQ.
5 comments December 17th, 2007