On June 7, Adobe released a new version of Flash, which addresses four vulnerabilities in earlier versions. One of those vulnerabilities is being exploited right now, mostly by way of Office documents attached to email.
The security bulletin for Flash 126.96.36.199 provides additional details.
If you’re using Flash, and in particular if you use a web browser in which Flash is enabled, you should update Flash as soon as possible. On Windows systems, you can do that by going to the Windows Control Panel, then clicking the Flash component. In the Flash Player Settings Manager, go to the
Updates tab and click
Check Now. That will take you to the official About Flash page, where you can check whether Flash is currently installed, see which version is installed, and download the latest version. Depending on your browser configuration, you may have to click the small gray rectangle to the right of the introductory text, then confirm that you want to allow Flash content to play.
As usual, browsers with embedded Flash (Edge, Chrome, Internet Explorer) will get the new version via their own update mechanisms.