The security flaw affects every version of Flash Player and remained undetected until the catastrophic Hacking Team data breach.
Adobe devs must be working overtime to fix the latest vulnerabilities revealed through the Hacking Team cyberattack.
Monthly security update addresses two dozen vulnerabilities, including one being exploited as part of the "Sandworm" cyberattack.
An Internet Explorer 8 vulnerability goes unfixed by Microsoft for more than half a year, reports the Zero Day Initiative.
Adobe and Microsoft patch a critical zero-day security flaw in Adobe's Flash Player that is actively being used to target Windows users, but the bug is different from an unpatched hole in Internet Explorer.
The flaw, which is being leveraged in "limited, targeted attacks," allows remote code execution, Microsoft warns.
In lieu of a fix, Microsoft offers workarounds to combat the bug that has left browser users open to attacks.
A fix for a vulnerability hitting Internet Explorer versions 6 through 8 will be rolled out today at 10 a.m. PT.
Next week's patches will shore up holes in Windows and Office, but a permanent fix for the latest bug in Internet Explorer is still in the works.
Google wants technology firms to cut down on the amount of time it takes to fix zero day vulnerabilities, but some are crying foul.