Adobe Systems Inc. has issued an out-of-band security patch for Flash Player, blocking a serious zero-day vulnerability that could enable an attacker to take complete control of a victim's system.
The Flash Player vulnerability also affects Adobe Reader and Adobe Acrobat 9.3.4 for Windows, Macintosh and Unix.
"There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows," Adobe said in its advisory. "Adobe is not aware of any attacks exploiting this vulnerability against Adobe Reader or Acrobat to date."
Adobe said it would issue an update for Reader and Acrobat the week of Oct. 4, a week ahead of the applications' scheduled quarterly patch release. The company said those using Adobe Reader or Acrobat 9.3.4 or earlier on Windows can use Microsoft's Enhanced Mitigation Evaluation Toolkit (EMET) to help prevent the vulnerability from being exploited.