Adobe warned its users about new zero-day vulnerability in Flash Player (CVE-2016-1019). The vulnerability is reportedly actively exploited by hackers. Hacker attack systems Windows 7 and Windows XP with Flash Player version 20.0.0.306 and earlier.
For now, there is not patch available, only mitigation. A mitigation introduced in Flash Player 21.0.0.182 currently prevents exploitation of this vulnerability, protecting users running Flash Player 21.0.0.182 and later. Adobe recommends users of Adobe Flash Player, who have not already done so, immediately update to the current version of Flash Player via the update mechanism within the product or by visiting the Adobe Flash Player Download Center.