Another Unpatched Adobe Flash Zero-Day vulnerability Exploited in the Wild
Warning for Adobe users! Another zero-day vulnerability has been discovered in Adobe Flash Player that is actively being exploited by cyber crooks in drive-by download attacks, security researchers warned today.

This is for the third time in last few weeks when Adobe is dealing with a zero day vulnerability in Flash Player. The Adobe Flash Player Vulnerability identified as CVE-2015-0313, exists in the latest version of Flash Player, i.e. version and earlier.

In late January, Adobe released an updated version of its Flash player software that patches zero-day vulnerability, tracked as CVE-2015-0311, spotted by French security researcher Kafeine. This Adobe Flash Player Vulnerability was also being actively exploited via Malvertisement and drive-by-download attacks.

In case of a "drive-by-download" attack, an attacker downloads a malicious software to a victim's computer without their knowledge or explicit consent. As a result, the flaw could allow remote attackers to take control of victims' Macs or PCs.

On January 22, the company released an emergency update for second zero-day flaw, identified as CVE-2015-0310, that was circulating and exploited by Angler malicious toolkit.

In a security advisory released Monday, Adobe officials said that they are working on a patch and planning to release it sometime this week. The Adobe Flash Player zero-day vulnerability targets computers running all versions of Internet Explorer and Mozilla Firefox, on Windows 8.1 and earlier. In addition to Windows, the flaw affects Flash on OS X and Linux.

This newest zero-day vulnerability in Flash reportedly is being used by the Angler kit, as well. If successfully exploited, the vulnerability could cause a crash and potentially allow criminal hackers to take control of the affected system.

Cybercriminals are currently using this zero-day flaw in a malvertising campaign on a popular video sharing site Dailymotion, with other websites thought to be affected as the infections were launched via advertising platform and not the website content itself.

Visitors to any of the affected sites would have been redirected to a series of websites and finally landed on a page controlled by attackers, hosting an exploit kit. This exploit kit would attempt to compromise the target system by exploiting the Adobe Flash zero-day flaw.

Security firm Trend Micro, who reported the zero-day to Adobe, had been tracking this Flash zero-day vulnerability since January 14 and had been working with Adobe to fix the issue.
Trend Micro said it had "seen around 3,294 hits related to the exploit". The firm is recommending users "consider disabling Flash Player until a fixed version is released".
"We are aware of reports that this vulnerability is being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below," Adobe said in its own advisory.
Adobe didn't specify the day on which the patch would be released, but said it would release a fix for this "critical vulnerability" this week. Users who are concerned about this security issue can temporarily disable Adobe Flash in the browsers.

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux in order to patch a zero-day vulnerability, identified as CVE-2015-0313, that could potentially allow an attacker to take control of the affected system.

The company recommends its users to update their software installations to the latest versions:
  • Users of the Adobe Flash Player desktop versions for Windows and Macintosh should update to Adobe Flash Player
  • Users of the Adobe Flash Player Extended Support Release should update to Adobe Flash Player
  • Users of Adobe Flash Player for Linux should update to Adobe Flash Player
  • Adobe Flash Player installed with Google Chrome, as well as Internet Explorer on Windows 8.x, will automatically update to version

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.