Adobe issued an emergency update for its Flash Player today, making it the second emergency update this month. The new update patches a flaw that allowed hackers to install malware on users’ computers.
Security firm FireEye reports that this type of “drive-by” attack has targeted at least three nonprofit organizations, including the Peter G. Peterson Institute for International Economics and the Smith Richardson Foundation.
It appears the a single attacker or organization is leveraging security flaws in Adobe’s Flash Player and Java to target organizations related to international security policy.
The exploit specifically affects computers running older versions of Windows and Flash Player. Windows XP and Windows 7 users should be wary as the attack targets out of date Java and Microsoft Office products including Office 2007 and Office 2010.
To protect yourself, update to the latest version of Flash Player (22.214.171.124), which you can find here.