Flash remains pretty high on the list of software that allows a machine to be compromised, including an unpatched flaw in the latest 11 version, known about publicly since early December:

http://secunia.com/advisories/product/38260/?task=advisories

All it takes is browsing the web, and one Flash embed somewhere. Not shady sites either. Typically people sneak the code into an ad banner that could be seen on a ton of sites, including high-profile ones. Even if the ad network scans its content carefully for known exploits, unreported ones may still be abused before they are announced. Could also be lurking in actual video players or legitimate content, but mostly it comes from ad banners.

For people that must still use Flash on the desktop, I generally recommend uninstalling all versions, then using Google Chrome. It at least adds some more protection around the plugin that other browsers don't.