The Register - Office falls to Flash attack being sold in exploit kit to scumbags
ThreadKit incorporates Adobe Flash flaw fixed in February
In case you needed another reason not to open Adobe Flash or Microsoft Office files from untrusted sources, the ThreadKit exploit building app has incorporated a recently Flash patched vulnerability, allowing less-than-expert hackers to more easily conduct attacks through Office files.…
from The Register - Security http://go.theregister.com/feed/www.theregister.co.uk/2018/04/09/office_file_attack_reloaded_in_exploit_builder/