New Flash Player 0-day exploited in malvertising attacks

A new Adobe Flash Player zero-day flaw is being actively exploited in the wild via the Angler exploit kit, Trend Micro threat analyst Peter Pi has warned.

The flaw (CVE-2015-0313) affects Adobe Flash Player 16.0.0.296 and earlier versions for Windows and Macintosh, and is currently being aimes at running Internet Explorer and Firefox on Windows 8.1 and below.

The active attacks have been first spotted by Trend Micro researchers.

“According to our data, visitors of the popular site dailymotion.com were redirected to a series of sites that eventually led to the URL hxxp://www.retilio.com/skillt.swf, where the exploit itself was hosted,” they explained.

“It is important to note that infection happens automatically, since advertisements are designed to load once a user visits a site. It is likely that this was not limited to the Dailymotion website alone, since the infection was triggered from the advertising platform and not the website content itself,” they added.

Since the zero-day affects the latest version of the software, users are advised to disable Flash Player until a fixed version is released – according to Adobe, during the week of February 2.