Adobe is trying to secure its flash player, saying that an update may be available today for a zero day exploit that was found in the wild.
Security firm Trend Micro discovered a vulnerability which affects all Adobe Flash Player versions. It was assigned as CVE-2015-7645, and rated critical.
In a security bulletin issued on Wednesday, just hours after the company’s monthly security bulletin, Adobe warned that "successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system."
Writing on their company blog, Trend Micro identified that the attackers behind the Pawn Storm attack were using the exploit as part of its high profile cyber espionage campaign.
Trend Micro said: "The targets received spear phishing e-mails that contained links leading to the exploit, which were similar to those that targeted NATO members and the White House earlier this year."
Security firm Malwarebytes said in a post that users who have the latest version of Flash could be exposed to the exploit even on sites that they trust.
Flash has long be criticised for its security vulnerabilities, which increased 66% in the first half of this year, compared with the whole of 2014.