An additional zero-day vulnerability in Adobe Flash Player and is exploited by cybercriminals through a malicious campaign on the Dailymotion video sharing website.
The security slot assigned to the identifier CVE-2015-0313, concerns him Flash Player 126.96.36.1996 and exploit it is delivered to computers running all its versions Internet Explorer and Mozilla Firefoxwith Windows 8.1 and earlier as reported by Adobe in a security advisory posted on Monday.
The initial analysis conducted by security researchers suggests that the code exploiting the vulnerability is delivered by the Angler exploit kit, a malicious tool that has been used for two others zero-days which prompted Adobe to release out-of-band security updates for Flash.
Peter Pi's threat analyst Trend Micro reports that the results of the survey show that Dailymotion's visitors are routed to multiple sites, ending up on a page that hosts the exploit (retilio [.] Com / skillt [.] SWF).
Pi has credited the vulnerability report to Adobe, along with Elia Florio and Dave Weston microsoft.
"It's important to note that the infection is automatic, as ads are designed to be loaded once when a user visits a site. It is likely that this is not limited to its website Dailymotion, as the infection was caused by the advertising platform and not by the content of the site itself, "said Pi, a blog post.
Trend Micro watches the assault by 14 January and a week later, on 27 January, noticed increased activity associated with malicious IP.
This was the day when Adobe published the security advisory release announcing that Flash Player 188.8.131.526 closed one, then, second zero-day (CVE-2015-0311) and became available for all supported platforms.
According to telemetry data from Trend Micro, most of the systems that were compromised through this attack are from the United States as they noticed 3.294 hits associated with exploit. At this time, the malicious ads associated with the attack being tracked by Trend Micro seems to be inactive.
However, researchers warn that other attacks can exploit zero-day vulnerability in Flash Player and suggest disabling browser plug-in until h Adobe release a safe version. Given the criticalness of the issue, an update is expected to appear this week.
However, the security researcher yesterday Caffeine said that exploit kit used for attacks is not that Angler, but another tool called Hanjuan Exploit Kit.