Adobe has issued a update for both Flash Player 10.0.42.34 and Air 1.5.4.1920 to address a critical vulnerabilities CVE-2010-0186 and CVE-2010-0187 which an attacker could subvert the domain sandbox and conduct unauthorized cross-domain requests. Users can visit the About Flash page to determine the version they are currently using. The download can be acquired from Flash Download Page.

To determine the version of Adobe Air is becomes a bit more complicated.

• Inside the /Library/Frameworks/Adobe AIR.framework/Versions directory, you’ll find a numbered folder which represents the main version of the AIR runtime installed (for example 1.0) 
• For more detailed information, open the/Library/Frameworks/AIR.framework/Versions/1.0/Resources/Info.plist text file and locate the <key>CFBundleVersion</key> entry, the corresponding string entry represents the version of AIR, for example: <string>1.5.3.9120</string>

The latest version of Air can be acquired here. After the user installs the updated version of Flash Player they should visit their setting panel to ensure that none of their privacy settings have changed. 

Currently it is the recommendation of Magmatic not to install Flash Player or any Adobe product on Mac OSX Server which includes Air, Flash, Acrobat or Acrobat Reader. If Adobe products are installed on systems users should never use a privileged account to access them. In addition for PDF users should set Preview.app as the default to open pdf files.