Adobe released an emergency update today for its Flash Player to guard against a zero-day exploit, which could allow attackers to gain remote access to an affected machine. The security flaw has been elevated to “critical” status, which is Adobe’s highest threat level. Ars Technica reports the exploit can be triggered by “underlying code that could be exploited to execute arbitrary code” if a person navigates to a malicious site hosting an attack.
Windows and Mac users are affected by this zero-day exploit if running Adobe FLash Player 18.104.22.168 and earlier versions. Linux users are also affected if running 22.214.171.1245 or earlier versions of Flash Player. Users running Google Chrome or Internet Explorer 10/11 will automatically be updated to the latest Adobe Flash Player version, 126.96.36.199, which will be bundled with the browser. Other users are advised to install the update as soon as possible.
You can download the update directly from Adobe’s Flash Player site if you do not get an update prompt.