HP has begun offering a free Flash security tool called HP SWFScan , which helps developers identify vulnerabilities in their Flash apps. Though the ubiquity of Flash-based content should be enough motivation for developers to tighten the screws, a research conducted by HP revealed otherwise.
Thirty-five percent of the 4,000 Flash apps sampled by HP were found to be against Adobe’s security best practices. SWFScan decompiles Flash apps and checks the underlying ActionScript code for flaws. HP claims developers can even “ audit third party applications without requiring access to the source code. ”