Adobe announce security vulnerability, should be fixed Nov 9
Adobe have recently announced that there is a security vulnerability in some of their software, including Flash for Android. In particular, Adobe Flash Player 10.1.95.2 and earlier versions. It is worth noting that Adobe is not currently aware of attacks targeting Flash, but our advice is to be safe and switch to on-demand plugins (Settings -> Enable Plug-ins -> On Demand).
This vulnerability (CVE-2010-3654) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Reader and Acrobat 9.x. Adobe is not currently aware of attacks targeting Adobe Flash Player.
Adobe have committed themselves by stating that they shall have an update available for the problem by November 9. For their sakes, we hope they come through. It seems to me that they must be on top of the flaw and know how to fix it, otherwise they would have been unable to know how long it will take and therefore when the update shall be release.