Update: 2/3: Adobe has found yet another zero-day vulnerability in Flash:
A critical vulnerability (CVE-2015-0313) exists in Adobe Flash Player 126.96.36.1996 and earlier versions for Windows and Macintosh. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. We are aware of reports that this vulnerability is being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below.
Update 1/27: Adobe has fixed another zero-day exploit in Flash. Click here to find out how to download or update the program.
Adobe released a patch for an exploit in Adobe Flash today. You need to get this update right now, because the security hole is being used in active attacks.
The vulnerability was exploited by hackers using commercially distributed "exploit kits." An exploit kit is an automated program that allows anyone to hack a website with this specific vulnerability. Hackers with an exploit kit don't need any technical know-how. All they have to do is buy a tool that does it for them.
Users who combined an old version of Flash with Microsoft Windows were vulnerable to anyone who paid for The Angler Exploit Kit.
While updating your Flash Player will protect you from this vulnerability, there's another zero-day exploit in Flash that hasn't yet been fixed.