If I'm understanding this correctly, this is a one year old vulnerability that has been actively exploited by everyone and his mother and not patched until now?
If so then it is yet another obvious reason to stop using flash now.
A Flash vulnerability subject to emergency patching by Adobe has been used in all major exploit kits to compromise users not already updated. The vulnerability (CVE-2015-7645) patched in October last year was the first zero day since Adobe implemented more hardened security. It was also the most pervasive among the …