It's unclear how extensive the active attacks are, although Adobe's calling them "targeted" hints at a low volume of attempts aimed at specific individuals or companies.

Today's Flash Player update was the fourth this year -- the latest before Friday was on March 28 -- putting the frequently-patched program on about the same pace as last year, when Adobe issued a total of nine Flash security updates.

In March, Adobe addressed the frequent updating pain point -- at least for Windows users -- by shipping Flash Player 11.2, which uses a mechanism. The silent update is supposed to kick in in some situations to automatically patch the plug-in in IE, Firefox, Safari and Opera on Windows without notifying or bothering users.

At the time, Adobe said it would switch on silent updates " on a case-by-case basis," but hinted that the service would primarily be used to distribute patches for zero-day vulnerabilities, such as today's.

Friday, Adobe confirmed that it has, in fact, enabled Flash silent updates for Windows in this instance.