Yet again, Adobe has released a new patch to fix a critical vulnerability that "could potentially allow an attacker to take control of the affected system," according to the company. Adobe acknowledged that the flaw (CVE-2015-3113) is "being actively exploited in the wild via limited, targeted attacks." Known affected systems run Internet Explorer for Windows 7 and below and Firefox on Windows XP, according to the patch details. Adobe says the following software can potentially be impacted:

Adobe Flash Player 18.0.0.161 and earlier versions for Windows and Macintosh

Adobe Flash Player Extended Support Release version 13.0.0.292 and earlier 13.x versions for Windows and Macintosh

Adobe Flash Player 11.2.202.466 and earlier 11.x versions for Linux
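
The affected-version list above, turned into an inventory check (an added example, not code from Adobe or FireEye). It assumes four-part version strings and reads the separate Extended Support Release line as meaning 13.x builds are judged against 13.0.0.292 rather than 18.0.0.161; the host names and sample versions are constructed.

```python
# Added example: classify inventoried Flash Player versions against the
# affected ranges the article quotes for CVE-2015-3113.

# Highest affected build per platform family and major branch, from the list above.
# The key None means "any branch that has no line of its own".
AFFECTED_MAX = {
    "desktop": {13: (13, 0, 0, 292), None: (18, 0, 0, 161)},  # Windows / Macintosh
    "linux": {11: (11, 2, 202, 466)},
}
PLATFORM_FAMILY = {"windows": "desktop", "macintosh": "desktop", "linux": "linux"}


def parse_version(text):
    """Parse 'a.b.c.d' (or comma-separated 'a,b,c,d') into a tuple of ints."""
    parts = text.strip().replace(",", ".").split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four-part version: {text!r}")
    return tuple(int(p) for p in parts)


def is_affected(platform, version_text):
    """True/False per the listed ranges; None when the list does not cover the combination."""
    family = PLATFORM_FAMILY.get(platform.lower())
    if family is None:
        return None
    version = parse_version(version_text)
    ranges = AFFECTED_MAX[family]
    # Assumption: a branch with its own line (13.x ESR) is compared to that line only.
    ceiling = ranges.get(version[0], ranges.get(None))
    return None if ceiling is None else version <= ceiling


def triage(inventory):
    """Return the host names whose installed build falls in a listed affected range."""
    return [host for host, platform, ver in inventory if is_affected(platform, ver)]


# Constructed sample inventory: (host, platform, installed Flash Player version).
SAMPLE_INVENTORY = [
    ("ws-01", "Windows", "18.0.0.161"),
    ("ws-02", "Windows", "13.0.0.296"),   # ESR build above the listed ceiling
    ("mac-01", "Macintosh", "17.0.0.188"),
    ("lx-01", "Linux", "11.2.202.466"),
    ("lx-02", "Linux", "11.2.202.468"),
]

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: version listed as affected by CVE-2015-3113")
```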

This newest flaw was uncovered with the help of FireEye security researchers. A Singapore-based FireEye team discovered the vulnerability in June by detecting a phishing campaign exploiting CVE-2015-3113. "The attackers’ e-mails included links to compromised Web servers that served either benign content or a malicious Adobe Flash Player file that exploits CVE-2015-3113," FireEye writes.

FireEye identified APT3, a China-based group also known as UPS, as responsible for these attacks (see more on the group in FireEye's report on Operation Clandestine Fox). APT3 has previously introduced other browser-based zero-day attacks against Internet Explorer and Firefox. FireEye notes that APT3's tactics are difficult to monitor because there's little overlap between campaigns and the group typically moves quickly ("After successfully exploiting a target host, this group will quickly dump credentials, move laterally to additional hosts, and install custom backdoors," the new report states). According to the security researchers, APT3 has implemented these phishing schemes against companies in aerospace and defense, engineering, telecommunications, and transportation this year.

FireEye's report on CVE-2015-3113 offers much greater detail than Adobe's patch notes. For instance, the typical phishing e-mails were spam-like offers for refurbished iMacs: