According to new information, Adobe s security response team knew about the vulnerability since December 31, 2008 but it was misdiagnosed as a data loss corruption issue. Adobe quickly locked access to the bug ticket with a note that it was reclassified as a security bug . Read the full story on zdnet.com: The current zero-day attacks against Adobe Flash Player are not quite zero-days after all after they surfaced this week.
Source: https://threatpost.com/adobe-zero-day-flaw-eight-months-old-072409/72879/