[ralphc]

I've heard the Flash codebase described as a big steaming pile of C++. Perhaps they cared but making a secure Flash was an impossible task. Windows has magnitudes more resources working on it and it still gets exploits all the time.

[angry_octet]

They could have reimplemented it in a safe(r) language and runtime. It would have been a big effort, and Adobe extracted the maximum cash for least effort.

Comparisons with Windows don't make much sense because it is an OS and a thousand SDKs and ever growing attack surface.