Flash has always been a security risk
Along with Java Applets, Flash has always been seen as a security risk. Most secure operations block them on the firewall.
Personally I do use flash for streaming media, but it should never be integral to a site.
This is why having something like ogg vorbis becoming the standard multimedia delivery format is important. Most developers want something that turns the static web into something more akin to a functional networked program, and we need that to be an open format, primarily for security. Java whilst I think it may have become more open, still has a remit that is too far reaching, and it rides over browser security, it can only be used really in intranets.