Users should update Adobe Flash when prompted to defend against new attacks in-the-wild

QUOTE: Adobe patched three new security flaws in its near-ubiquitous Flash Player, of which two were already being exploited in the wild. Attackers were specifically targeting Mozilla Firefox users, the company said. The two zero-day vulnerabilities, CVE 2013-0643 and CVE 2013-0648, were being exploited in targeted attacks where users were tricked into clicking on a link to a Website hosting malicious Flash files,  Adobe said in its security advisory released Tuesday. The company did not credit any organization or researcher who found the zero-day vulnerabilities, but credited IBM X-force for reporting the third security hole.