Flash is used by 9.9 percent of all websites, according to statistics collected by W3Techs, and is an ongoing security headache for administrators. Adobe fixes the flaws promptly, but attackers and researchers continue to find vulnerabilities by the dozens each month.
Though Pawn Storm is using the exploit to target foreign ministries, the exploit will likely find its way into other crimeware kits and be used in other attacks. Malvertising attacks frequently target Flash, for example.
While Adobe expects to release a patch next week, users are once again encouraged to disable Flash in their browsers until then. Another option is to enable Click-to-Play for Flash in Chrome and other browsers that support this feature.
Sign up for Computerworld eNewsletters.