According to a recent post on Microsoft's Malware Protection Center Blog, public exploitation of the vulnerability started on June 15th, but those attacks were probably undertaken by other researchers, since they were targeted and rather limited.
After that, the attacks became more widespread, and the targets more numerous. Microsoft claims that as of yesterday, over 10,000 separate computers have reported witnessing this attack. Computers in Portugal and Russia have seen by far the highest concentration of attacks:
The attacks only increased with time. Microsoft started seeing "seemingly-automated, randomly-generated HTML and PHP pages hosting this exploit", and the goal of the attacks was to plant Trojans and viruses on the targeted system.For those users who don't use Microsoft's security solutions with updated signatures for the detection of the exploit, the company advises implementing the workaround listed in the advisory.
netizens left a footprint.