Adobe has issued an advisory warning of a previously undiscovered security vulnerability in Flash Player.
The company said Monday the zero-day flaw exists in the latest version of Flash Player, version 220.127.116.116 (and earlier), and if exploited could cause a crash that allows an attacker to take control of the affected system.
Windows and Mac users are affected, along with Linux users (version 18.104.22.1680 and earlier).
Adobe confirmed it was aware of reports that the flaw was being actively exploited against Internet Explorer and Firefox users running Windows 8.1 and below.
Trend Micro, which contributed to finding the flaw along with Microsoft, said on its blog users should disable Flash until a fix is released.
The company confirmed a fix will arrive later this week, but did not say exactly when.