Nice blog from Adobe laying some authoritative smack down: http://blogs.adobe.com/psirt/2008/05/more_information_on_recent_fla.html
Yeah I know this is old news – I’m on the road . . . I was pretty sure the day that this released that this was Dowd’s vulnerability . . . my Bluehat blog gives advice on how to ASLR enable Flash which should also be a good workaround if the exploit SWFs are using the same technique he used to get code execution.