In an unprecedented move, Microsoft has issued a critical advisory urging users to apply a critical update from Flash Player update from Macromedia.
The vulnerability first reported by eEye Digital Security and Sec Consult, can allow malicious parties to inject unauthorized code, using invalid array indexes, to be executed by Flash Player. This vulnerability is browser independent. Users who have already upgraded to Flash Player 8 are not affected by this issue. Macromedia recommends all Flash Player 7 and earlier users upgrade to this new version, which can be downloaded from the Macromedia Player Download Center.
Several forums including Neowin.net allow users to add flash files in their avatars or signatures. Therefore the impact of this issue is far reaching.