There’s evidence a new piece of malware is being distributed taking advantage of a newly discovered weakness in Adobe Flash. Unknown exploits such as this are labeled “Zero Day” attacks. This references the number of days a strategy has been known and how security companies measure their responsiveness in shoring up defenses.
The new exploit works against fully patched versions of Flash, 10.2.153.1, on Windows, Mac and Linux. Reader and Acrobat are also vulnerable but the attacks currently seem to target Flash. The observed method of delivery has been by embedding a poisoned Flash movie inside a Microsoft Word document.
Your best defense? Be very careful opening any emails containing attached Word files. If you receive any emails with a Word file attached, pick up the phone and verify it’s something the sender wanted you to have.