Adobe has issued a security advisory warning about a newly discovered critical vulnerability in Adobe Flash Player currently being used in attacks.
A critical vulnerability (CVE-2016-1019) was found in Adobe Flash Player Version 18.104.22.168 and earlier versions, for Windows, Mac, Linux, and Chrome OS, could allow an attacker to crash and wrest control of the victim's machine.
Adobe notes that there are reports that the bug is being used in attacks on systems running Windows 7 and Windows XP with Flash Player version 22.214.171.1246 and earlier.
A mitigation method in Flash Player version 126.96.36.199 defends against attacks exploiting the newly discovered vulnerability and protects systems running Flash Player 188.8.131.52 and later. Adobe recommends updating Flash to that version.
An emergency patch could come as soon as April 7, according to Adobe.
See the Adobe Product Security Incident Response Team blog for the latest information.
For complete Security Advisory detail, read the Adobe Security Advisory.