Ladies and gentlemen, rev up your Flash Player update engines.
Adobe has shipped a new version of the ubiquitous software to fix at least seven documented security holes affecting Windows, Mac OS X, Linux and Solaris users.
According to Adobe, these vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.
It also patches a universal cross-site scripting vulnerability that could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website.
Adobe has acknowledged reports that the cross-site scripting flaw "is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an e-mail message (Internet Explorer on Windows only).
Adobe recommends users of Adobe Flash Player 11.1.102.55 and earlier versions for Windows, Macintosh, Linux and Solaris update to Adobe Flash Player 11.1.102.62. Users of Adobe Flash Player 11.1.112.61 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.6. Users of Adobe Flash Player 11.1.111.5 and earlier versions for Android 3.x and earlier versions should update to Flash Player 11.1.111.6.
The raw details: