As expected, Adobe has released a new version of Flash that addresses CVE-2018-4878 and another critical vulnerability, CVE-2018-4877. A new security bulletin (APSB18-03) provides additional details.
The new version was made available on February 6. The release notes show that at least one other bug was fixed in Flash 22.214.171.124.
Anyone still using a web browser with Flash enabled should make sure that it’s up to date. CVE-2018-4877 is already being actively exploited.
As usual, Chrome will update itself automatically, and Internet Explorer and Edge will get the new Flash via Windows Update.