Today just as Adobe released a giant update for Flash and Reader that resolves numerous critical vulnerabilities, TrendMicro announced that they have discovered another new unpatched zero-day exploit in Flash. This exploit is actively being used by the Pawn Storm cyber-espionage campaign in spear-phising emails against several Ministries of Foreign affairs.  These emails contain news stories that when clicked lead to web pages hosting the exploit code.

Unfortunately, this vulnerability exists in the today's release of Adobe Flash 19.0.0.207 and there is currently no known way of blocking it.  TrendMicro has notified Adobe and working with them to resolve this exploit.

Related Articles:

New Fallout Exploit Kit Drops GandCrab Ransomware or Redirects to PUPs

Adobe September 2018 Security Updates Fix 6 Critical Vulnerabilities

jQuery File Upload Plugin Vulnerable for 8 Years and Only Hackers Knew

Adobe Releases October 2018 Security Updates. None for Flash Player!

Adobe Releases Security Updates for Acrobat that Fix 86 Vulnerabilities