Adobe has released yet-another emergency Flash update to address yet-another Zero-Day Exploit, a security hole that was not identified before it was exploited by the bad guys. Adobe is recommending Flash Player users to update to version 18.104.22.168 immediately.
An attack leveraging the exploit was reported by security research firm Fireeye, which dubbed the attack Operation GreedyWonk. This attack was redirecting, "at least three nonprofit institutions—two of which focus on matters of national security and public policy" to a website hosting the exploit.
"The threat actors likely sought to infect users to these sites for follow-on data theft, including information related to defense and public policy matters," Fireeye wrote in a blog post.
While Fireeye didn't speculate, the targets of the attack suggest that the bad guys are government players, but even if you aren't a policy wonk, if you have Flash, install this patch ASAP.
Adobe released another critical update on February 5th to address an unrelated security threat.
[Via Ars Technica]