DirectRev Malvertising Uses Self-Sufficient Flash 0Day
released on 2015-07-11 @ 04:44:51 PM
Malwarebytes has been observing a surge in drive-by download attacks since the recent Flash zero-day (now patched). This is because the exploit has been integrated into several exploit kits and many end users have not yet patched their machines.
Today, we noticed CVE-2015-5119 (the identifier for this vulnerability) being used in a rather unusual attack pattern. Instead of using an exploit kit, malicious actors have uploaded a rogue Flash ad that in turn launches another Flash file containing the zero-day exploit.