The description of the vulnerability seems to indicate that the vulnerability would affect websites and therefore be limited to corrupting only the website, but maybe not affecting the home user and their computer?
What do you read from it, Jason?
It can definitely affect the home user, although I can see how the description looks like it might not. Basically, if a website has Flash code that uses the vulnerability, it can take over your machine (Windows) or escalate privileges (Linux or Mac). Adobe's security advisory is clearer. I probably should've used it instead. I also noticed the Adobe advisory says some versions of 7.x are affected as well. Here's the first part of it (emphasis mine). I just left out all the detailed technical information regarding the fixes, which you can read by visiting the Adobe link above.
Flash Player update available to address security vulnerabilities
Release date: December 18, 2007
Vulnerability identifier: APSB07-20
CVE number: CVE-2007-6242, CVE-2007-4768, CVE-2007-5275, CVE-2007-6243, CVE-2007-6244, CVE-2007-6245, CVE-2007-4324, CVE-2007-6246, CVE-2007-5476
Platform: All platforms
Affected software versions: Adobe Flash Player 184.108.40.206 and earlier, 220.127.116.11 and earlier, and 18.104.22.168 and earlier.
Critical vulnerabilities have been identified in Adobe Flash Player that could allow an attacker who successfully exploits these potential vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these potential vulnerabilities. Users are recommended to update to the most current version of Flash Player available for their platform.
Affected software versions
Adobe Flash Player 22.214.171.124 and earlier, 126.96.36.199 and earlier, and 188.8.131.52 and earlier.
To verify the Adobe Flash Player version number, access the About Flash Player page, or right-click on Flash content and select "About Adobe (or Macromedia) Flash Player" from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system.
Adobe recommends all users of Adobe Flash Player 184.108.40.206 and earlier versions upgrade to the newest version 220.127.116.11 (Win, Mac, Linux), by downloading it from the Player Download Center, or by using the auto-update mechanism within the product when prompted.
Adobe will be providing an update to Adobe Flash Player 18.104.22.168 for Solaris at a later date. Customers can download and install the Flash Player public beta, which addresses these vulnerabilities, from the Adobe Labs site in the meantime.
For customers who cannot upgrade to Adobe Flash Player 9, Adobe has developed a patched version of Flash Player 7. Please refer to the Flash Player update TechNote.
Adobe categorizes this as a critical update and recommends affected users upgrade to version 22.214.171.124 (Win, Mac, Linux).
Been trying out NoScript again for blocking Flash until Mandriva issues a fix, but it's an ugly solution at best. This might be better: FlashBlock
Basically, it blocks all Flash and puts placeholders (little play buttons) that allow you to play Flash stuff you actually want to view. Used to use this. The actual intention of the extension was to block all those annoying Flash ads you see online, so this would be just a side benefit.