Adobe has shipped a Shockwave Player update to fix 20 security holes.
From Adobe’s advisory:
Critical vulnerabilities have been identified in Adobe Shockwave Player 184.108.40.2069 and earlier versions on the Windows and Macintosh operating systems. The vulnerabilities could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system.
Users of Adobe Shockwave Player 220.127.116.119 and earlier versions should immediately upgrade to version 18.104.22.1682 using this link: http://get.adobe.com/shockwave/