Adobe said it was aware of a report of “limited, targeted attacks” against unprotected versions of the software.
“These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system,” the company said in a statement.
“Adobe recommends users update their product installations to the latest version.”
But some websites and services have been abandoning Adobe for security reasons.
Facebook this month said it was switching software for its embedded videos while adding that “we are continuing to work together with Adobe to deliver a reliable and secure Flash experience for games on our platform.”
Apple notably dropped the use of Flash in its iPhones several years ago, and earlier this year Amazon said it had stopped accepting advertising in Flash format.
Google also blocked Flash ads from its Web browsers this year by converting the content to a different format known as HTML5.
The moves come amid concerns that hackers could insert malicious software into video ads, a technique known as “malvertising.”
Security blogger Brian Krebs said that Internet users should at least update their Flash programs or “better yet, get rid of Flash altogether, or at least disable it until and unless you need it.”