On the back of the Adobe Flash Zero-Day discovered in January, Trend Micro has found another. This Zero-Day, known as CVE-2015-0313 is being used in a malvertisement attack.
Researchers have identified active attacks using malicious advertisements or “malvertisements” against Microsoft Windows systems. This vulnerability has been confirmed by Adobe and the two companies are collaborating on this discovery to have a patch in place within the week. Trend Micro is advising that users to consider disabling Flash Player until this patch is released.
Malvertising does not impact a single website, but rather an entire advertising network. It allows for malware to be easily spread across a large number of legitimate websites without directly compromising the sites. Based on Trend Micro’s Smart Protection Network findings, the majority of users who previously accessed the malicious server reside in the United States.
Locally, this means that users must be aware that cybercrime is becoming increasingly prevalent and cybercriminals will target them through trusted avenues. Trend Micro users currently utilising Deep Security, Vulnerability Protection, Deep Discovery, Trend Micro Security, OfficeScan and Worry-Free Business Security are safe from potential attacks from this vulnerability.
* Follow Gadget on Twitter on @GadgetZA