Adobe has released Shockware Player 11.5.1.601 because previous versions used a vulnerable version of the Microsoft Active Template Library (ATL). Additionally, Adobe has released a security advisory to address the same issue in Flash Player. Exploitation of this vulnerability may allow an attacker to execute arbitrary code.

The security advisory for Flash Player indicates that Adobe will be releasing fixes for this issue on July 30, 2009. In the interim, the advisory suggests that users consider installing the Cumulative Security Update for Internet Explorer as defined in Microsoft Security Bulletin MS09-034 to help mitigate some of the risks until fixes are available.

US-CERT encourages users and administrators to review Adobe documents APSB09-11 and APSA09-04 and apply any necessary updates to help mitigate the risks. Additional information can be found in the Adobe PSIRT blog.

Read more: US-CERT Current Activity