Adobe has released APSA11-01 [1] to warn of a new critical vulnerability in Adobe Flash Player 10.x. The expected release is the week of March 21st. The vulnerability is described as: This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. Adobe is not currently aware of attacks targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing. This flaw does not affect Adobe Acrobat Reader 9.x for UNIX. [1] http://www.adobe.com/support/security/advisories/apsa11-01.html
Here is some additional information: http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html
APSB11-05 has been released to correct this flaw (flash player 10.2.153.1): http://www.adobe.com/support/security/bulletins/apsb11-05.html
This issue has been addressed in following products: Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2011:0372 https://rhn.redhat.com/errata/RHSA-2011-0372.html