Hackers exploit unpatched Flash Player vulnerability, Adobe warns
Adobe Systems is working on a patch for a critical vulnerability in Flash Player that hackers are already exploiting in attacks. In the meantime, the company has released other security patches for Reader, Acrobat, and ColdFusion.
The Flash Player vulnerability is being tracked as CVE-2016-4117 and affects Flash Player versions 184.108.40.206 and earlier for Windows, OS X, Linux, and Chrome OS. Successful exploitation can allow attackers to take control of affected systems.
“Adobe is aware of a report that an exploit for CVE-2016-4117 exists in the wild,” the company said in an advisory published Tuesday. “Adobe will address this vulnerability in our monthly security update, which will be available as early as May 12.”