On Wednesday, Adobe confirmed reports from Trend Micro surrounding a new vulnerability in Flash that's being used in attacks against high-profile targets in government affairs.The vulnerability has been tied to a number of Phishing campaigns that are part of what Trend Micro is calling Operation Pawn Storm. Some of the earliest attacks date back to June of 2014."Pawn Storm is a long-running cyber-espionage campaign known for its\u00a0high-profile targets\u00a0and usage of the first Java zero-day we\u2019ve seen in the last couple of years... In our latest research, we find that the Russian spies behind Pawn Storm apparently do not discriminate," Trend explained."In this most recent campaign, Pawn Storm targeted several foreign affairs ministries from around the globe. The targets received\u00a0spear phishing e-mails that contained\u00a0links leading to the exploit. The emails and URLs were crafted to appear like they lead to\u00a0information about current events..."In their advisory, Adobe confirmed Trend's findings, and said that a patch for the newly circulated Flash vulnerability will be issued sometime next week."A critical\u00a0vulnerability (CVE-2015-7645) has been identified in Adobe Flash Player 22.214.171.124 and earlier\u00a0versions for Windows, Macintosh and Linux.\u00a0Successful exploitation could cause a crash and potentially allow an\u00a0attacker to take control of the affected system. Adobe would like to thank Peter Pi of Trend Micro for reporting CVE-2015-7645 and for working with Adobe to help protect our customers," the advisory said.While it might be easier to recommend uninstalling Flash, the reality is that such an option isn't available in most corporate environments. However, limiting access to Flash, and preventing it from running unless needed (such as what's done in Firefox) makes sense \u2013 especially now.But, if Flash isn't needed - remove it. Thanks to HTML 5, most applications online work fine without it.