Adobe has released a security update for all versions of Flash Player, addressing a security exploit that it says is already being used in the wild. According to a security bulletin posted Friday, the vulnerability could cause Flash to crash, and in the process allow an attacker to take control of a user's system. The company notes that it has received reports that the exploit is already being taken advantage of by attackers via email; clicking on a malicious file attachment initiates the attack on a vulnerable system. The cited attack is currently targeted only at Internet Explorer users on Windows, but the vulnerability itself is present in Flash Player for Windows, OS X, Linux, and Android.
Computer users are urged to update to Flash Player version 22.214.171.124 by visiting Adobe's website; Android users can update via the Google Play Store (version 126.96.36.199 for Ice Cream Sandwich and 188.8.131.52 for devices running Android 3.0 or earlier). Google Chrome users should already be safe, as the browser's built-in implementation of Flash updates automatically — though of course if you have Flash installed on your overall system as well you'll need to address that update directly. You can visit the Flash "about" page to determine what version of the software your machine is currently running.