Update April 15 2:15 p.m.
A new version of flash has been released to address the vulnerabilities recently identified. It is available from the URLs below. The updated version is 10.2.159.1
Previous version was 10.2.153.1
http://get.adobe.com/flashplayer/
http://download.macromedia.com/get/flashplayer/current/install_flash_player.exe
A zero day exploit has been identified for Adobe Flash. As of this time, no patch has been issued. Additional information will be provided when it is made available.
New Adobe Flash Bug Being Used in Targeted Attacks Via Word Documents
AIT-ISO note: As was recommended in the past, users should not open Office (in this case Word) attachments from unknown sources.
Update April 14
A patch to address the flash vulnerability is scheduled to be released on April 15. The same vulnerability exists in Adobe Acrobat and Reader. Patches will be released for those applications during the week of April 25.
Update April 22
The flash code update for Adobe Reader and Acrobat has been released. Please do a check for updates within your Adobe pdf application.