Good news everyone! I’ve written about the serious CVE-2015-0313 Flash Zero-Day when it came out two days ago. Today, 4th Feb 2015 (or 5th, in my timezone!) the fix for this zero-day exploit will ship via auto-update. Adobe just posted this to the Security Advisory.

Users who have enabled auto-update for the Flash Player desktop runtime will be receiving version 16.0.0.305 beginning on February 4. This version includes a fix for CVE-2015-0313. Adobe expects to have an update available for manual download on February 5, and we are working with our distribution partners to make the update available in Google Chrome and Internet Explorer 10 and 11. – Adobe

You should force an flash update on all your clients as soon as it’s finally out. (Maybe Adobe will post it, maybe their advisory will not receive any follow-up). Read my article Force Flash update by command line to learn how to do so.

More Info:

– Adobe Security Bulletin (includes updated information)