Adobe warned that a critical flaw with the firm’s ubiquitious Flash Player browser plug-in is being exploited by malware in the wild.
The latest Adobe security advisory follows an ealier advisory warning of a similar so-called "zero day" security vulnerability in Adobe Reader. Active attacks have involved emails which attempt to get users to open the infected PDF documents.
Flash is potentially more serious since the Flash plug-in runs automatically when visiting web sites, raising the possibility of attacks through advertising banners or even web-based email services. The flaw even exists in the Adobe Flash player for Android smartphones.
Adobe said that it was in the process of "finalizing a fix" for the flaws and expected to launch a Flash update in two weeks time. Updates for the as-yet unaddressed flaws in Adobe Reader and Acrobat wont be fixed until a scheduled update the week after.
To subscribe to our Twitter feed, head over to @PCR_online.