Adobe has shipped a Shockwave Player update to fix 20 security holes.
From Adobe’s advisory:
Critical vulnerabilities have been identified in Adobe Shockwave Player 220.127.116.119 and earlier versions on the Windows and Macintosh operating systems. The vulnerabilities could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system.
Users of Adobe Shockwave Player 18.104.22.1689 and earlier versions should immediately upgrade to version 22.214.171.1242 using this link: http://get.adobe.com/shockwave/