Anyone who uses a web browser with Flash enabled should stop what they’re doing and install the latest Flash update from Adobe. The new version (18.0.0.194) was announced earlier today to address a critical vulnerability for which exploits have been observed in the wild.

Note that YouTube no longer uses Flash by default, so if you previously only used Flash for YouTube, you might be able to completely disable it in your browser. YouTube now uses a video player based on HTML5 technology.

Internet Explorer on Windows 8.x and Google Chrome will receive the new version of Flash via their own update mechanisms.

Brian Krebs has additional details on the vulnerability and the update. Krebs also recently wrote about his recent experiment in trying to live without Flash.

Update 2015Jul01: And just like that, the Cryptowall malware has been modified to take advantage of this vulnerability in unpatched Flash installations.