The update, which is rated “critical,” addresses a total of five
documented vulnerabilities. The most serious flaw could allow remote
code execution attacks against Windows and Mac users.
From Adobe’s bulletin:
vulnerabilities have been identified in Adobe Shockwave Player
22.214.171.1241 and earlier versions. The vulnerabilities could allow an
attacker, who successfully exploits the vulnerabilities, to run
malicious code on the affected system. Adobe has provided a solution
for the reported vulnerabilities. It is recommended that users update
their installations using the instructions provided below.
The update applies to Shockwave Player 126.96.36.1991 and earlier versions. Adobe’s patch can be downloaded here.