with great power comes great responsibility... therefore, reduce freaking the power needed. There is no need for a plug-in such as that to have so many rights and powers over the system, for what it is meant to do most of the time at least.
"Moscow-based security firm Kaspersky Lab discovered the zero-day exploits"
Russian company that lives on selling Antivirus suddenly discovers a vulnerability lol.
Anyway Flash is mess, it was known long time ago, one of their past developers said that they have so many workarounds there that you can't even easily add something new. Their first version was the biggest garbage though. When will WebGL/CL and HTML5 video mature already? Even though they will obviously contain some vulnerabilties: 1) different departmen, one thing for video another for games. 2) each browser is using different backends(atleast gstreamer is opensource, means fast fixes) that are quite good comparing to flash and since there are more than 1 realization attackers would have to do more work.