The exploit kits Blasco refers to are commercial crimeware tools like Black Hole that are available to a large number of cybercriminals and which are generally used in attacks that have a much wider scope than APT campaigns.
It's highly possible that the exploit is already being used as part of such exploit kits, said Metasploit engineering manager Tod Beardsley, Tuesday via email. The exploit used in the new Metasploit module was obtained from existing attacks and there are similarities between it and prior exploits known to be used in such tools.
In particular, the exploit contains system fingerprinting code that's not actually used, which suggests the original author is at least familiar with prior exploits found in exploit packs, Beardsley said.
According to Chen, the junk fingerprinting code appears to have been reused in various exploits since at least 2012.
Microsoft's next batch of security updates is scheduled for Oct. 8, but it's not clear if the company will issue a permanent patch for this particular vulnerability at that time.
Beardsley hopes it will. "The Fix It is effective, so I hope it would be straightforward to patch properly," he said.