Adobe today released a critical update for Flash Player. The update was released outside of Adobes regular patch cycle. [1]
The singled vulnerability fixed by this update, CVE-2016-7855, has already been exploited in targeted attacks against Windows.
Windows, Linux and Mac versions are affected, including versions embedded in Chrome and Edge/Internet Explorer 11.
Please expedite this update, and review that Flash does not start automatically in your browser but only if enabled by the user for a specific site. Consider removing Flash whenever possible.
[1]https://helpx.adobe.com/security/products/flash-player/apsb16-36.html
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.