SANS Internet Storm Center has a PATCH NOW rating on this “zero day” exploit circulating in the wild
https://isc.sans.edu/forums/diary/Critical+Adobe+Flash+Update+Patch+Now/21167/
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html
Adobe did not release a patch for Flash on Tuesday, but instead alerted users of an unpatched, and actively exploited, vulnerability (CVE-2016-4171). Today, Adobe did release a patch that fixes this vulnerability (and others). This is a “PATCH NOW” vulnerability that needs to be addressed as soon as possible.
MICROSOFT HAS JUST RELEASED “OUT OF BAND” UPDATE ALSO
Windows 8 and Windows 10 have Adobe Flash patching built into Windows Update (and please update as automatically prompted)
https://technet.microsoft.com/library/security/ms16-jun
More on specific vulnerability can be found here which is circulating in limited targeted attacks:
https://helpx.adobe.com/security/products/flash-player/apsa16-03.html