Adobe has released 'Adobe Flash Player version 188.8.131.52'. These updates address an object confusion vulnerability (CVE-2012-0779) that could cause the application to crash and potentially allow an attacker to take control of the affected system.
There are reports that the vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious file delivered in an email message. The exploit targets Flash Player on Internet Explorer for Windows only.
Adobe recommends users of Adobe Flash Player 184.108.40.206 and earlier versions for Windows update to Adobe Flash Player 220.127.116.11. Flash Player installed with Google Chrome was updated automatically, so no user action is required.
Adobe has two different MSI packages available for download. One MSI (full_flashplayer_win_msi) is targeted for Internet Explorer users. The another (full_flashplayer_win_pl_msi) is targeted for Pluged-in based browsers like Firefox. With the introduction of Adobe Flash Player 11, Adobe now also has separate MSI packages per architecture (32 bit / 64 bit). These can be downloaded from the Adobe Flash Player download page here or by using these links:
The 'Adobe Flash Player Administration Guide for Flash Player 11.2' describes the administration of Flash Player 10 as well as version 11. How it's installed, how it works, and how you can control it to suit the needs of a specific network environment. This document is intended for IT or administrative professionals who manage the installation or use of Flash Player for multiple users in a controlled environment. The Adobe Flash Player Administration Guide contains chapters which cover the Flash Player environment, installation of the Player, Administrator settings, User-configured settings and Security considerations. You can download it here.
It also contains information about a configuration file called mms.cfg with which can you switch off the AutoUpdate feature. The mms.cfg can be added to a transform file for this MSI and then be included in the installation: