Nice blog from Adobe laying some authoritative smack down: http://blogs.adobe.com/psirt/2008/05/more_information_on_recent_fla.html

Yeah I know this is old news - I'm on the road . . . I was pretty sure the day that this released that this was Dowd's vulnerability . . . my Bluehat blog gives advice on how to ASLR enable Flash which should also be a good workaround if the exploit SWFs are using the same technique he used to get code execution.