Adobe has shipped a Shockwave Player update to fix 20 security holes, some serious enough to lead to system takeover attacks.
The vulnerabilities, rated “critical,” affect Shockwave Player 11.5.7.609 and earlier versions for Windows and Macintosh.
From Adobe’s advisory:
Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.7.609 and earlier versions on the Windows and Macintosh operating systems. The vulnerabilities could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system.
Users of Adobe Shockwave Player 11.5.7.609 and earlier versions should immediately upgrade to version 11.5.8.612.