Uninformed and misleading post (Score 2, Informative)

As a Flash programmer, I'm beginning to suspect that stories are posted here without any background verification or research. Many replies to this sensationalistic post offer criticisms of Flash while assuming a tone of expertise, all without even a glimmer of understanding about the basics of this technology. First of all, this "scripting engine" everyone's talking about is called the Flash player, which can exist as a plugin, or as a stand-alone executable. The scripting language is called Actionscript, and it's based on the ECMA-262 standard known as Javascript. The exploit uses a rarely-used feature called FSCommand, which allows the designer to control limited aspects of the Flash movie in a stand-alone executable player, NOT IN ANY BROWSER PLUGINS. For the sake of cutting through the thick hyperbole here, I'll repeat that again: this "virus" only works IF THE USER DOWNLOADS AND RUNS AN .EXE FILE, IT DOESN'T WORK THROUGH THE WEB BROWSER. This virus only works through the following process: 1. He writes an ".fla" Flash source file with animation and scripting, compiles it into a browser-readable ".swf" file. 2. He compiles the .swf further into an ".exe" file by including the stand-alone player into the original .swf. 3. A user downloads the .EXE file and executes it. Whoever's naive enough to run an .exe email attachment is beyond the protection of anti-virus software. This stuff is old news... Flash developers have achieved tricks with FSCommand that nobody's heard about outside of the Actionscript community, but they've never been exploitable to the extent of a real virus. The fact is that Flash cannot access system resources unless you're running it as an .exe executable file.