Adobe released its monthly security updates for January today, much earlier than its usual schedule of the middle of each month. The vendor accelerated the release of the patches because a zero-day vulnerability in Flash Player (CVE-2015-8651) was reportedly exploited in limited targeted attacks.
This zero-day vulnerability affects the following Flash Player versions in Windows, Mac OS X, Linux, and ChromeOS:
An attacker could exploit the vulnerability to remotely execute arbitrary code on an affected computer.
We recommend applying the Adobe patches to mitigate exploit attempts. Users can obtain updates directly from the Adobe Flash Player Download Center or by accepting the update prompt through their installed product. Users can fix Flash Player embedded in Chrome and Internet Explorer by updating their chosen browser.
Symantec offers the following detections in order to protect users from exploits that attempt to take advantage of CVE-2015-8651:
AV
IPS