New Zero-Day Vulnerability Affects Adobe Flash

A new zero-day vulnerability that affects Adobe Flash has been discovered, and is already being exploited by cybercriminals. One of the samples obtained by Trend Micro's Smart Protection Network show that it's the same zero-day exploit that security researcher Kafeine had reported only hours earlier.

A quick summary of the most important details about this particular vulnerability:

• It is affecting the latest versions of Adobe Flash Player.
• It is being exploited to install malware onto vulnerable systems.
• The exploit kit being used in this particular instance is identified as the Angler exploit kit that uses new techniques to hide its malicious routines.
• By tracking the most recent victims of the Angler Exploit kit, we believe that most of this vulnerability’s victims come from the US (84%) with a handful coming from Australia and Taiwan (9% and 5% respectively).
• Based on attacks seen so far, the installed malware’s main function is to perform ad fraud against ad networks.

What is ad (advertisement) fraud? Ad fraud is done by a program designed to automatically click on certain ads on a certain website, artificially inflating the amount of clicks that ad gets. Since ad networks pay the owner of the website hosting their ads based on the amount of click each ad gets, ad fraud games the system by tricking the hapless ad network to pay more.

This may sound harmless as it doesn’t necessarily affect users, but the fact that it does install malware onto your system –which in turn may download and install other, more damaging and harmful malware onto your system – makes this particular vulnerability something to be aware of.

[From the Security Intelligence Blog: Flash Greets 2015 With Zero-Day]

A patch to address this vulnerability hasn't been released. In the meantime, users can turn Adobe Flash Player off for the time being. It has also been noted that Chrome's Flash Player plugin and Firefox is not affected by this threat.

January 22 Update: The exploit now targets Firefox, along with Internet Explorer. Chrome is still unaffected. Users who can't disable Flash Player can consider installing ad blocking software or browser extensions.