Looks like we can’t have two weeks without a flash 0-Day. Today, Feb 2nd, Adobe released another security advisory revealing CVE-2015-0313. Adobe says that they’re aware of this Flash exploit being actively abused (they’re probably referring to the TendMicro blogpost).
Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. – Adobe
TendMicro reports that users of “dailymotion.com” were infected by an ad loading a SWF which used the discovered zero-day. Adobe wants to release a fix for this particular zero-day later this week. I doubt CVE-2015-0313 won’t be the last Flash zero-day we’ll see this year. As soon as new information is released, I’ll update this blogpost.
You can force a Flash Player update as soon as the new version is released.