This article is more than 4 years old

As they promised earlier this week, Adobe has released an emergency security update for Flash Player, protecting against a vulnerability (known as CVE-2016-1019) that is being actively exploited by hackers.

Here’s what Adobe is saying in its latest security bulletin:

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. Sign up to our newsletter

Security news, advice, and tips. Adobe is aware of reports that CVE-2016-1019 is being actively exploited on systems running Windows 10 and earlier with Flash Player version 20.0.0.306 and earlier.

As security firm Proofpoint describes, the CVE-2016-1019 vulnerability in Flash is being exploited by malicious hackers to spread the Cerber ransomware via use of the Magnitude exploit kit.

If none of that makes sense to you, I’ll make it very simple: update Adobe Flash now, or get rid of it altogether.

If you’re not quite ready to take the step of entirely uninstalling Flash, then you should at the very least consider enabling “Click to Play”, which stops Flash elements from being rendered in your browser unless you give specific permission.

And remember, Flash isn’t just a security headache for Windows users. This vulnerability is also present in the Mac OS X, Linux and ChromeOS editions of Flash Player.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.