Without a fix this bug could let hackers seize your computer.
Adobe has released a critical update to its Flash player which could have allowed hackers to take control of vulnerable computers.
The software company was forced to act after Google security engineer Michele Spagnuolo created a tool capable of converting swf flash files into malicious code.
"High profile Google domains and YouTube were vulnerable and have been recently fixed," Spagnuolo said.
He added that he had contacted Twitter, eBay, Tumblr and Instagram about the problem, and subsequently Twitter had resolved it.
Spagnuolo described the bug as a "well known issue" within digital security, but said that "big players in the industry" had put off solving the problem "until a credible proof of concept was provided".
Yesterday he released the exploit tool Rosetta Flash publicly to demonstrate how the bug worked.
Adobe said: "These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system.
"Adobe recommends users update their product installations to the latest versions."
The patch has been rolled out on Microsoft’s Internet Explorer 10 and 11, and Google Chrome, as Flash is directly incorporated into the browsers, but users of Firefox, Opera and Safari are advised to update manually.