On Monday, we told you about the hack of an Italian company called Hacking Team. Hacking Team was responsible for massive digital spying on behalf of more than two dozen governments, from Sudan and Saudi Arabia to Australia and the United States.
The hack exposed just how shady Hacking Team is. It's willing to spy on anybody, including political dissidents, and sell their secrets to the highest bidder. Unfortunately, Hacking Team's nefarious deeds aren't all that surfaced in the hack.
Among the information the hackers and security researchers got from Hacking Team was a previously unknown zero-day flaw in Adobe Flash. In fact, notes from Hacking Team suggest it has been using this flaw to spy on systems for the last four years.
Security firm Symantec has confirmed that the flaw exists and is a danger in versions of Flash up to 18.104.22.168. Like other Adobe Flash flaws, just visiting a site with malicious Flash code can let hackers invade your computer with viruses.
Fortunately, Adobe acted fast and released an update to Flash this morning, version 22.214.171.124. Download it here for Internet Explorer and Firefox. If you're using Chrome, restart your browser to update Flash automatically.
While it doesn't look like regular hackers are using the flaw yet, they won't take too long to get it up and running, so update right away. You can also consider disabling Flash in your browser. Get the step-by-step instructions here, and find out if you even need Flash at all.