Adobe has released a Shockwave Player update that addresses some of the application's critical vulnerabilities.

The Shockwave Player 11.5.9.615 update, which includes a zero-day one, provides fixes for eleven vulnerabilities. The flaws, which may lead to arbitrary code, has six vulnerabilities that can be found in the dirapi.dll module. In addition, two flaws are located IML32.dll while the rest can be found on unspecified components.

According to Adobe's security bulletin, the update addresses a zero-day flaw that was first reported by Abyssec Security Research. The vulnerability, which has been identified as CVE-2010-3653, is said to have already been exploited, making the release of a security patch necessary.

Adobe is expected launch a fixed version of the Flash Player late next month. The company advises users to update anti-malware programs to prevent any problems.