Adobe has been forced to rush out an out-of-cycle patch to fix a zero-day universal cross-site scripting vulnerability which affects the firm's Flash Player software and is already being exploited in the wild.
The flaw has been rated 'important' by Adobe, one level below the highest 'critical' rating, and meaning that it would compromise data security if exploited.
The vulnerability affects Adobe Flash Player 10.3.181.16 and earlier for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.22 and earlier for Android.
"This universal cross-site scripting vulnerability (CVE-2011-2107) could be used to take actions on a user's behalf on any web site or webmail provider, if the user visits a malicious web site," noted Adobe in a security update.
"There are reports that this vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message."
Adobe is recommending users of Adobe Flash Player 10.3.181.16 and earlier versions for Windows, Macintosh, Linux and Solaris to download the latest version of the software from the Adobe Flash Player Download Center.
An update for Flash Player 10.3.185.22 for Android is expected during the week of 6 June.
US space agency believes the crater could have preserved ancient organic molecules from the water that flowed there billions of years ago
Valve quietly closes down hardware initiatives launched following Windows 8
Scientists create a virtual reality simulation of a black hole sitting at the centre of the Milky Way
Simulations like this can help people understand complicated systems in the universe in a better way
The most luminous galaxy ever discovered is cannibalising at least three of its smaller neighbours, study finds
The galaxy radiates at 350 trillion times the luminosity of the Sun