Because malware developers have made it easier than ever before to exploit a specific vulnerability in Adobe’s Flash Player (2018-4878), there is a rise in attacks that exploit the leak. Abusing the vulnerability in Flash Player is so easy because a method to exploit the leak has been added to document exploit builder software called ThreatKit.
Now that ThreatKit is equipped with a method to exploit the Flash Player vulnerability, also less tech-savvy cybercriminals can abuse the security issue. With ThreatKit, cybercriminals can fairly easy construct their own malware that exploits Office documents.
In case of the Flash Player vulnerability, it affected Office documents that had a Flash file embedded. When properly exploited it allowed an attacker to execute arbitrary code, which means the system was fully compromised. Simply opening the document was sufficient to become infected. The issue was already patched in February but security researchers report they see an increase of attacks exploiting the vulnerability.
Adobe therefore recommends users to immediately update their Flash Player to 28.0.0161. On the Adobe website you can check what version is currently installed on your system.