Third Time Unlucky: Adobe Forced To Release Hatrick Of Unscheduled Security Patches

Adobe has scrambled to release its third unscheduled patch this month in an effort to fix a flaw impacting all versions of multimedia viewing software Flash Player.

Criminals targeting the vulnerability had been redirecting thousands of people to video sharing website Dailymotion, according to security researchers.

Zero-day vulnerabilities

It marks Adobe’s fourth security update in total within the past month. The first was released on January 13 as a part of Adobe’s regularly scheduled Patch Tuesday updates. The second and third updates were out-of-band patches to address zero-day vulnerabilities in Flash Player and were released on January 22 and 27, respectively. Adobe has not yet released a patch for the latest zero-day vulnerability reported yesterday, but plans to do so this week.

The latest patch will address a flaw known as known as CVE-2015-0313. Hackers have been impersonating legitimate advertisers to target the flaw with malicious adverts – a technique known as malvertising.

Internet users are tricked into clicking on an infected advert, which directs browsers to a URL where the exploit is hosted. The malware is then donwloaded automatically, creating a backdoor on the victim’s computer for hackers to install other malware or steal credentials such as credit card details.

Peter Pi, threat analyst at Trend Micro, wrote in a blog post: “We’ve seen around 3,294 hits related to the exploit and, with an attack already seen in the wild, it’s likely there are other attacks leveraging this zero-day, posing a great risk of compromise to unprotected systems.

“It is important to note that infection happens automatically, since advertisements are designed to load once a user visits a site. It is likely that this was not limited to the Dailymotion website alone, since the infection was triggered from the advertising platform and not the website content itself,”

In a statement, Adobe said: “We are aware of reports that this vulnerability is being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below.”

Flash Player users are urged to update the software or related plugin.

How much do you know about hackers? Take our quiz!