Another Unpatched Adobe Flash Zero-Day vulnerability Exploited in the WildFebruary 2, 2015 – 12:03 PM
A critical vulnerability (CVE-2015-0313) exists in Adobe Flash Player 126.96.36.1996 and earlier versions for Windows and Macintosh. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. We are aware of reports that this vulnerability is being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below.
Adobe expects to release an update for Flash Player during the week of February 2.