Adobe Security Patches for May 8, 2012

Adobe has released two security bulletins for Adobe Photoshop CS and Adobe Flash Professional CS.  However, there is bad news for those who use these Adobe products to create content,  Adobe has only fixed the security holes in new versions, and you have to pay to upgrade.  The latest Adobe Security bulletins and advisories as of May 8, 2012, links to the advisories for these products which tells users who cannot upgrade that "Adobe recommends users follow security best practices and exercise caution when opening files from unknown or untrusted sources."  In other words, you're being abandoned. 

Those who cannot upgrade (or who choose not to support Adobe any longer) should look into alternative products such as GimpShop or LibreOffice Impress.  Two articles listing alternatives to these Adobe programs are here:

• 10 Excellent Open Source and Free Alternatives to Photoshop
• 10 Free And Useful Open-Source Alternatives For Designers

---

EDIT Fri 11 May 2012 14:32: Other blogs are chiming in on this issue, and they're NOT happy about Adobe's position:

• Photoshop, Illustrator users must pay for critical security updates | ZDNet
• Adobe’s fix for Photoshop CS5 security issue? Buy Photoshop CS6 | Naked Security

---

In other Adobe security news, today Adobe has released another patch, this one free, for the Shockwave Player.  Details here: Security update available for Adobe Shockwave Player.

Adobe - Security Bulletins: APSB12-11 Security bulletin for Adobe Photoshop

Summary

Adobe released a security upgrade for Adobe Photoshop CS5.5 and earlier for Windows and Macintosh. This upgrade addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.

Adobe has released Adobe Photoshop CS6, which addresses these vulnerabilities. For users who cannot upgrade to Adobe Photoshop CS6, Adobe recommends users follow security best practices and exercise caution when opening files from unknown or untrusted sources.

Affected software versions

Adobe Photoshop CS5.5 and earlier versions for Windows and Macintosh

Solution

Adobe has released Adobe Photoshop CS6 (paid upgrade), which addresses these vulnerabilities. For users who cannot upgrade to Adobe Photoshop CS6, Adobe recommends users follow security best practices and exercise caution when opening files from unknown or untrusted sources.

Adobe - Security Bulletins: APSB12-12 Security bulletin for Adobe Flash Professional

Summary

Adobe released a security upgrade for Adobe Flash Professional CS5.5 (11.5.1.349) and earlier for Windows and Macintosh. This upgrade addresses a vulnerability that could allow an attacker who successfully exploits this vulnerability to take control of the affected system.

Adobe has released Adobe Flash Professional CS6, which addresses this vulnerability. For users who cannot upgrade to Adobe Flash Professional CS6, Adobe recommends users follow security best practices and exercise caution when opening files from unknown or untrusted sources.

Affected software versions

Adobe Flash Professional CS5.5 (11.5.1.349) and earlier for Windows and Macintosh

Solution

Adobe has released Adobe Flash Professional CS6 (paid upgrade), which addresses this vulnerability. For users who cannot upgrade to Adobe Flash Professional CS6, Adobe recommends users follow security best practices and exercise caution when opening files from unknown or untrusted sources.