A newly discovered zero-day vulnerability in Adobe Flash Player is being exploited by attackers in the wild. Adobe released a Security Bulletin (APSB16-36) yesterday which patches the vulnerability (CVE-2016-7855).
The critical vulnerability affects Adobe Flash Player 23.0.0.185 and earlier versions for the following operating systems: Windows, Mac, Linux, Chrome OS.
According to Adobe, an exploit for the vulnerability exists in the wild and is being used in limited, targeted attacks against users running Windows versions 7, 8.1, and 10.