Yes, I would upgrade. Just be sure to download only from Adobe's website.
As for the Flashback malware see:
Helpful Links Regarding Flashback Trojan
Visit Thomas Reed's site for insight and help: Mac Malware Guide
A Google search can reveal a variety of alternatives on how the remove the trojan should your computer get infected. This can get you started. However, be careful about what you do as new variants of the malware circumvent the efforts of earlier tools.
Also see Apple's article About Flashback malware.
Apple has released Java updates for Snow Leopard and Lion users:
Java for OS X Lion 2012-003; available only for users of Lion with Java installed.
Java for Mac OS X 10.6 Update 8; available only for users of Snow Leopard.
Flashback malware removal tool; available only for users of Lion without Java installed.
Install whichever shows up in Software Update. It removes the malware (if present), updates Java (if present) and tightens up Java settings for the future. You may download from Apple's web site instead of using Software Update, but it's important to know which one to get, because the other two won't work for you.
For the truly paranoid see 10 Simple Tips for Boosting The Security Of Your Mac.
As long as you download from the acutual Adobe site you will be fine, not updating will put your Mac at risk, as Flash is patched for some pretty serious security flaws at regualr intervals. Always make sure you have the latest version on Windows and Mac PC's.