According to Adobe's Product Security Incident Response Team (PSIRT), the security “hole” may be exploited by a hacker enabling them to take control over the targeted device and steal personal data. In order for that to happen, it is required that the victim opens the Word file and clicks on the harmful Flash file, embedded inside it. Luckily, a patch from Adobe is on the way, and the vulnerability only affects Android devices running Flash 10.2.154.25 or a version prior to it.
Of course, this isn't the first time Adobe Flash is in the scope of hackers targeting unsuspecting victims. After all, it was less than a month ago when we reported about a quite similar vulnerability. Our advice is to be careful when opening your email attachments, keep your software up to date, and always bear in mind that no mobile platform out there is a hundred percent secure.
source: PSIRT via Android Authority