Adobe has issued a security update for Flash Player today to patch a zero-day vulnerability exploited by attackers in the wild.
The vulnerability was discovered and independently reported by several security firms —ICEBRG, Tencent, and two security divisions from Chinese cyber-security giant Qihoo 360.
The vulnerability, tracked as CVE-2018-5002, impacts Adobe Flash Player 29.0.0.171 and earlier versions. It was fixed with the release of Flash Player 30.0.0.113. Experts say the hackers used Office files to exploit this Flash zero-day. Attackers would deliver Office files to victims that would load a malicious SWF file from a remote server and execute it inside the Office document.
Please select this link to read the complete article from Bleeping Computer.