MD5 or SHA checksums aren't available securely either, AFAICT.

eidnolb,

No that doesn't help at all.  Those instructions direct users to the Flash Player Download Center.  It is impossible for users to securely download Flash from the Flash Player Download Center.

ʇɐb ɹəuəllıʍ,

Yes, well, only Adobe can fix the problem; I was hoping some Adobe employee would happen to notice and take action, given this is a Critical security vulnerability; You agree this is a valid problem, right?

I was not aware of a way to get in touch with Adobe to report unresolved security vulnerabilities.  I just poked around and http://blogs.adobe.com/psirt/ eventually led me to the Adobe Security Report Form which I've filled out.  

(Amusingly, Adobe's "Notifying Adobe of Security Issues" web page says, "Adobe takes security very seriously and aims to quickly address any security-related problems involving our products. We've set up an email address that customers   can use to report security issues to us directly." In fact, it seems they do not, as they've not provided this "email address that customers can use to report security issues" on said web page.)

We'll see if Adobe finally gets its act together.

I tried one more thing - I opened a JIRA account and reported the issue that way.  Result:

Chris, thanks for trying, but I've long since done that.

You weren't looking closely enough at what I wrote, which indicated I'd already done so: I wrote, "I just poked around and http://blogs.adobe.com/psirt/ eventually led me to the Adobe Security Report Form which I've filled out."

The text "Adobe Security Report Form" in my earlier post is linked to the URL you posted.

It's the same Security Report (Form) I refered to two more times when I wrote:

Adobe's statement that I quoted, "Adobe takes security very seriously..." is a blatant lie in my view.
Adobe didn't even bother to respond to my Security Report, and AFAICT, has taken no steps to address the issue I raised here an in my Security Report!