Yes, Flash 10 is vulnerable.
http://www.adobe.com/support/security/bulletins/apsb09-01.html
The link IS in the advisory that El Reg links to, but the iDefense advisory sucks royally.
"iDefense has confirmed the existence of this vulnerability in latest version of Flash Player, version 9.0.124.0. Previous versions may also be affected."
Well, that's not the latest version of Flash Player, not by a long mile. This marks down iDefense as an unreliable source for advisories in my book.