Attackers are exploiting a previously unknown vulnerability in fully patched versions of Adobe's Flash Player so they can surreptitiously install malware on end users' computers, security researchers warned Tuesday.

So far, the attacks are known to target only government agencies as part of a long-running espionage campaign carried out by a group known as Pawn Storm, researchers from antivirus provider Trend Micro said in a blog post published Tuesday. It's not unusual for such zero-day exploits to be more widely distributed once the initial element of surprise wanes. The critical security flaw is known to reside in Flash versions and and may also affect earlier versions.

Read more: Latest Flash Exploit Used in Pawn Storm Circumvents Mitigation Techniques

Read more: Trend Micro finds Flash exploit utilized by Russian hackers in Pawn Storm attacks


Best advice:
for Chrome users
put this in your URL bar


press CTRL+F
Search for "PepperFlash"
select Disable

for Firefox users:
top right, search: FLASH
change to ask to activate/never activate