Attackers are exploiting a previously unknown vulnerability in fully patched versions of Adobe's Flash Player so they can surreptitiously install malware on end users' computers, security researchers warned Tuesday.

So far, the attacks are known to target only government agencies as part of a long-running espionage campaign carried out by a group known as Pawn Storm, researchers from antivirus provider Trend Micro said in a blog post published Tuesday. It's not unusual for such zero-day exploits to be more widely distributed once the initial element of surprise wanes. The critical security flaw is known to reside in Flash versions 19.0.0.185 and 19.0.0.207 and may also affect earlier versions.

Read more: Latest Flash Exploit Used in Pawn Storm Circumvents Mitigation Techniques

Read more: Trend Micro finds Flash exploit utilized by Russian hackers in Pawn Storm attacks

_______________________________________________

Best advice:
for Chrome users
put this in your URL bar

chrome://plugins/

press CTRL+F
Search for "PepperFlash"
select Disable
______________________

for Firefox users:
Press CTRL+SHIFT+A
top right, search: FLASH
change to ask to activate/never activate