With a great plugin comes great responsibility - to avoid malicious Flash files, that is. A zero-day exploit has been discovered in Adobe Flash that affects all Android versions of the software, Adobe announced today.
The most common vessel for the exploit is (fortunately) a Microsoft document (.doc) email attachment with an embedded Flash file (.swf) - and I'm not aware of any Word document viewers/editors in Android that support embedded Flash. Once the Flash file is executed, the exploiter can run malicious code on the target device. How, or whether, this could affect Android is unknown.
Still, it's important to remember that Adobe's products, ever the target of hackers and shady enterprise, share common elements across operating systems - including, at times, potentially dangerous flaws and exploits.
Presumably, Adobe will be releasing an update to all affected platforms. Given the "Critical" level that Adobe has assigned to the flaw, it'll probably come relatively quickly, too.