Adobe released two bulletins today:
1 – Reader/Acrobat
This bulletin fixes three vulnerabilities. Adobe rates this one "Priority 1" meaning that these vulnerabilities are already exploited in targeted attacks and administrators should patch ASAP.
After the patch is applied, you should be running Acrobat/Reader 11.0.05 or 10.1.9 .
2 – Flash Player and Air
The flash player patch fixes two vulnerabilities. The Flash player problem is rated "Priority 1" for Windows and OS X. The Air vulnerability is rated "3" for all operating systems. For Linux, either patch is rated "3".
Patching flash is a bit more complex in that it is included with some browsers, in which case you will need to update the browser. For example Internet Explorer 11 and Chrome include Flash.
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.