Internet users may have to be more careful in navigating sites running Adobe’s Flash software, due to a new vulnerability being exploited in the wild.
Adobe, in a security advisory, said the newly discovered bug for CVE-2015-0313 is being “actively” exploited.
The critical vulnerability (CVE-2015-0313) exists in Adobe Flash Player 18.104.22.1686 and earlier on versions for Windows and Macintosh. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system,
Citing information it has received, Adobe said the bug is being actively exploited via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below.
According to our data, visitors of the popular site dailymotion.com were redirected to a series of sites that eventually led to the URL hxxp://www.retilio.com/skillt.swf, where the exploit itself was hosted. It is important to note that infection happens automatically, since advertisements are designed to load once a user visits a site. It is likely that this was not limited to the Dailymotion website alone, since the infection was triggered from the advertising platform and not the website content itself. Trend Micro detects this exploit as SWF_EXPLOIT.MJST and blocks the URL mentioned above. The ads from this particular infection chain appear to be down as of this writing.