On May 27 it was reported that Adobe Flash contained a vulnerability that allows an attacker to run code on a system with a vulnerable version of the Flash player installed. There are now reports that this vulnerability is actively being exploited.
Adobe recommends that all Flash users (both Windows and Mac) double-check the version they're running and update to version 9.0.124.0 if necessary. Adobe maintains a Flash Player web page that will, when visited from any browser, display the current Flash plug-in version. You must, however, run the check from each browser on your system. If you check your version of Flash, and it is not 9.0.124.0, click on the Downloads menu item "Get Flash Player." Download the software and run the installer.
More information about this vulnerability is available at US-CERT. The United States Computer Emergency Readiness Team (US-CERT) is a partnership between the Department of Homeland Security and the public and private sectors. Established in 2003 to protect the nation's Internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation.