Update: This vulnerability has now been patched. Original story below.
Another day, another critical vulnerability in Adobe Flash.
Today, just a day after the company released its regular security update, Adobe has confirmed it found a security flaw that affects every version of Flash for every system type: Windows, Mac and Linux.
Given the advisory number of CVE-2015-7645, the new flaw could allow an attacker to “crash and take control of the affected system.”
The best part? There’s no fix available immediately and Adobe only says it “expects” to make an update available next week, but didn’t name a date. That’s a big risk it’s asking you to take.
This exploit was first spotted by researchers at Trend Micro and is already being used in the wild in the form of spear phishing emails with subject lines related to the Russian conflict in Syria as a way to lure in users.
This is your friendly reminder that there’s no better time to uninstall Adobe Flash. It’s long overdue, and you’ll be able to get by without it just fine.
➤ CVE-2015-7645 [Adobe]