なんと

Earlier this week Adobe released security updates for several of their products and now the CVE-2010-2110 vulnerability in Flash Player is actively being used in drive-by and spear-phishing attacks. Websense customers are protected from this scam by ACE, our Advanced Classification Engine.
The vulnerability is triggered when a website is viewed in a browser that has the Adobe Flash Player plugin installed by a simple command that loads a malicious SWF file, as can be seen in this sample code as seen by the Websense ThreatSeekerR Network:

Home | Forcepoint Support

関連URL

• CVE-2011-2110 for Adobe Flash Player being exploited in the wild - Security Labs