Adobe has announced that today it will fix the critical vulnerability in the Windows and Macintosh versions of Adobe Shockwave Player 11.5.8.612 (and earlier). The company said it has received reports of active exploitation.
The vulnerability (CVE-2010-3653) can crash the application and allow an intruder to take control of the system.
Security bulletin here: http://www.adobe.com/support/security/advisories/apsa10-04.html
If you use Shockwave Player, it would be a good idea to watch for the update.
Tom Kelchner