More of a question is why are so many new Flash vulnerabilities found? Clearly Java is a platform with ongoing development, but are Adobe really continuing to develop Flash? Or are these long-buried vulnerabilities which are only now still coming to the surface?