Hackers are rushing to exploit a zero-day Flash vulnerability to plant surveillance software before organisations have time to update their systems to patch the weakness. Uncovered by researchers at Kaspersky Lab on Monday, the CVE-2017-11292 Adobe Flash vulnerability allows attackers to deploy a vulnerability which can lead to code execution on Windows, Mac, Linux, and Chrome OS systems. The exploit enables the delivery of malicious Word documents bundled with malware for example to allows attackers to snoop on communications, eavesdrop on video messages and calls, and steal files.