On Tuesday, Feb. 4, Adobe issued an out-of-band security update to fix a zero-day flaw in its Adobe Flash player running on Windows, Mac and Linux operating systems.
Adobe warned in its advisory that the vulnerability is being exploited in the wild. According to the advisory, the vulnerability could potentially enable an attacker to take control of a system that is at risk.
The vulnerability has been formally identified as CVE-2014-0497 and is an integer underflow vulnerability that could enable arbitrary code execution. Adobe credits researchers Alexander Polyakov and Anton Ivanov from Kaspersky Labs for helping report the issue.