Internet users who regularly visit any number of popular websites were warned Tuesday to update their Flash players after a security researcher discovered that Adobe had inadvertently left millions of customers vulnerable to hackers.

Anyone who regularly uses Tumblr, eBay Inc. (NASDAQ:EBAY), Olark, and dozens of others were put at risk because of a “weaponized” flaw that exposed users’ authentication credentials. The discovery was made by researcher Michele Spagnuolo, a respected leader within the InfoSec community, and compelled Google Inc. (NASDAQ:GOOG), Microsoft Corp. (NASDAQ:MSFT), and Instagram to patch the error.

Users who rely on Flash, a software employed by countless interactive web pages, are advised to check their version and make sure it’s no less than Google Chrome and Internet Explorer 10 and 11 likely refresh the update automatically, but Firefox should consider downloading the security fix directly from Adobe.

It’s also possible to simply disable the Flash player within browser settings.