Adobe announced today an emergency update only to be released on Thursday June 16. The upcoming patch will set a zero-day (where else?) In Flash Player, which is currently being used for targeted attacks.
According to Anton Ivanov and Costin Raiu of Kaspersky, the vulnerability usesalready in targeted attacks.
The vulnerability ID listed for this zero-day is CVE-2016-4171, and Adobe says it affects Flash Player 21.0.0.242 and earlier versions, running on Windows, Macintosh, Linux and Chrome OS.
Flash Player 21.0.0.242 is its latest version companys. So this means that the zero-day affects all systems that use Flash.
The vulnerability helps an attacker crash a Flash Rlayer installation in an unsafe manner, which then allows him to run malicious code on the victim's system and take charge of its management.
If you are using Flash Player, immediately disable the application, or plugin, until at least the Adobe ch patch is released…
