Adobe released a software update for Photoshop CS5 and CS5.1 (click here), and for Illustrator CS5 and CS5.5 (click here). The patch addresses a security issue that makes it possible to inject malicious code into a computer system. I wrote “finally” in the title because at first Adobe tried to address this issue with an update to Photoshop CS6 (and it is not a free update). After several complains from users, and after a month, Adobe decided to release the patches. When asked by German technology news-ticker heise.de (Google translated) why they did not release a free security update, Adobe answered:
While Adobe did resolve the vulnerabilities [..] in the Adobe Photoshop CS6 major release, no dot release was scheduled or released for Adobe Photoshop CS5 or CS5.5. The team did not believe the real-world risk to customers warranted an out-of-band release to resolve these issues. The security bulletin for Photoshop is rated as a Priority 3 update, indicating that it is a product that has historically not been a target for attackers, and in this case we are not aware of any exploits targeting the issues fixed.