A known and patched exploit in Adobeis Shockwave player -- a component of Flash -- can be used to target World of Warcraft player accounts, according to a warning issued by Blizzard Entertainment Wednesday night. The exploit is an old one, according to Adobe and Blizzard, and is not present in the current version (18.104.22.168) of the Flash plugin.
"A recent vulnerability has been discovered in popular web-content delivery program Adobe Flash, and it could potentially be used to target World of Warcraft players and accounts," Blizzard told players through the WoW client and on the WoW home page. "The newest available version of Adobe Flash, version 22.214.171.124, does not contain this vulnerability, and we recommend that everyone upgrade their Flash player as soon as possible by visiting the Adobe.com download page at the link below."
Blizzard also disabled the ability to post URLs as hyperlinks in its forums in an effort to prevent the bad guys from being able to direct people to Web pages where the exploit has been targeted.
Adobe has information on how to identify the version number of your Flash plugin. For those wishing to update anyway, you can visit Adobeis Flash download site.