The creators and maintainers of exploit kits often rely on public reports of new exploits and proof-of-concept exploit code in order to be able to add new exploits to their software. In mid-October, details of a new Java vulnerability emerged in various places. Researchers say they began seeing new versions of the kits, which included the exploit for CVE-2011-3544, in the last few weeks, even before a patch was available. That s a somewhat unusual occurrence in exploit-kit land.
Source: https://threatpost.com/exploit-kits-now-updated-new-wares-patches-are-ready-122011/76015/