Adobe warns of another new critical flaw in Flash
Unlike a lot of the Flash warnings we see, however, this one is actively being exploited, and a successful attack allows untrusted code to be remotely executed. That's bad, especially since Adobe's post states that the patch won't be arriving for about two weeks.
Flash can't seem to catch a break, can it? If it's not being slammed for hogging CPUs, running down batteries, and not being "open," it's being smacked around by yet another security shortcoming.
Adobe products continue to be a juicy target for bad guys, and so far, Adobe's increased attention to security seems to be making little difference -- except, perhaps, for calling more attention to little vexations like this one.