One of the things that scares me about Flash coming to the BlackBerry OS and coming baked into the upcoming QNX Tablet OS is that it is one of the most insecure exploited platforms out there. Just this week we have yet another report of a Flash vulnerability that can let a malicious coder crash your system and even take control of it. It essentially put into question the security of every Windows, Mac, Linux, Solaris, and Android device which has Flash installed.
So this makes me wonder how RIM is going to handle the inherent insecurity of Flash on which the Adobe Air platform is built on. I am sure QNX has ways to keep things segregated with all of their government and security certifications but this seems like a huge challenge for me. RIM also constantly struggles with their Adobe PDF distiller vulnerabilities in BES every few months.
This vulnerability (CVE-2010-3654) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Reader and Acrobat 9.x. Adobe is not currently aware of attacks targeting Adobe Flash Player.
Adobe plans on putting out a fix by November 9th leaving hackers a little over a week to run wild. I am just hoping RIM finds a way to not compromise the security of a BlackBerry device with its Flash implementation.