Flash is insecure for cross-domain scripting attacks. This is serious for sites that lets you post Flash files. Does Hotmail support inline Flash files in html emails?