Adobe has issued a number of security updates for the following programs:
The Illustrator update is for CS5.5 and earlier for Mac and Windows. It “addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system,” and the latest version of this software, CS6, already includes the fixes.
The Photoshop update addresses different vulnerabilities that can have the same effect. As for Illustrator, the latest version of the software, CS6, includes this fix.
The Flash Professional update patches one vulnerability, and, like the Illustrator and Photoshop flaws, is fixed in CS6.
Finally, the Shockwave update addresses five vulnerabilities “that could allow an attacker who successfully exploits these vulnerabilities to run malicious code on the affected system.”
The thing is, the updates to the CS5.5 programs – Illustrator, Photoshop and Flash Professional – are not available. The only way to patch these vulnerabilities is to pay for the upgrade to CS6. If you are not willing to upgrade – or not interested in upgrading for reasons which may include incompatible hardware – your software will remain vulnerable. As Adobe says:
Adobe has released Adobe Photoshop CS6 (paid upgrade), which addresses these vulnerabilities. For users who cannot upgrade to Adobe Photoshop CS6, Adobe recommends users follow security best practices and exercise caution when opening files from unknown or untrusted sources.
For the Shockwave update, users can download a new version of the software here. At least that one is free.