Adobe Systems Inc. has shipped an emergency security update to fix a critical flaw in its Flash Player software that is currently being exploited in active attacks. The exploits so far appear to target Microsoft Windows users, but updates also are available for Mac and Linux versions of Flash. brokenflash-aThe Flash update brings the media player to v. 13.0.0.206 on Windows and Mac systems, and v. 11.2.202.356 for Linux users. To see which version of Flash you have installed, check this link. IE10/IE11 and Chrome should auto-update their versions of Flash. If your version of Flash on Chrome (on either Windows, Mac or Linux) is not yet updated, you may just need to close and restart the browser. The most recent versions of Flash are available from the Adobe download center, but beware potentially unwanted add-ons, like McAfee Security Scan).
(NOTE: CNET reports that this patch does not affect or protect against the Internet Explorer vulnerability.)
Read the full story at Krebs on Security and read the Adobe security bulletin here.