This post expects the reader to have a basic familiarity about Cross domain policy and the crossdomain.xml file. If they sound alien to you, check this technote by Colin Moock
Crossdomain policy was introduced with the security restrictions in Flash player 7 (r184.108.40.206). Right then, the only place where the flash player would look for a crossdomain.xml file was the root directory. Since it was difficult for site administrators to add a crossdomain.xml file to the site root location, a update was released over Flash player 7 (r 220.127.116.11) which included a new method called 'loadPolicyFile', which basically tells the Flash player to look for a custom location, other than the default root directory.
The usage for this method is as follows:
You can read more about this method from Macromedia LiveDocs.
So if you are still developing Flash 7 content, and are planning to use System.security.loadPolicyFile method, make sure your users have flash player 18.104.22.168 or more.