Adobe has shipped a Shockwave Player update to fix 20 security holes.
From Adobe’s advisory:
Critical vulnerabilities have been identified in Adobe Shockwave Player 18.104.22.1689 and earlier versions on the Windows and Macintosh operating systems. The vulnerabilities could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system.
Users of Adobe Shockwave Player 22.214.171.1249 and earlier versions should immediately upgrade to version 126.96.36.1992 using this link: http://get.adobe.com/shockwave/