I think the implication in this specific context is that malicious people were exploiting the vuln in the wild prior to the fix being released