Two exploit kits have been outfitted with the exploit for a Flash Player vulnerability that has been patched only a week ago, the researcher that goes by the handle Kafeine has shared on Tuesday. The integer overflow vulnerability in question can allow attackers to execute arbitrary code via unspecified vectors, and is deemed critical.
Initial information about it has been shared with Adobe via HP's Zero Day Initiative. Researchers are admittedly worried about the short period of time that passed between is patching and the exploit surfacing in the Fiesta and Angler exploit kits. As Kafeine notes, it's technically possible that the exploit was included in the kits even before the patch was available.Read more