Adobe Flash Player and Photoshop Security Update

Adobe has identified and fixed several vulnerabilities in their software that would allow an attacker who managed to successfully exploit them to take control of the affected system. It seems that these vulnerabilities are platform-independent and all users - including OS X ones - are strongly encouraged to upgrade.

The applications in question are two of Adobe's most popular pieces of software, Flash Player and Photoshop CS. It seems that the vulnerability is found in both CS2 and CS 3, as both have been updated.

Flash Player update: Critical vulnerabilities have been identified in Adobe Flash Player that could allow an attacker who successfully exploits these potential vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these potential vulnerabilities. Users are recommended to update to the most current version of Flash Player available for their platform. Adobe recommends all users of Adobe Flash Player 9.0.45.0 and earlier versions upgrade to the newest version 9.0.47.0 (Win, Mac, Solaris) or 9.0.48.0 (Linux).

Photoshop CS2 and CS3 updates: Critical vulnerabilities have been identified in Photoshop CS2 and CS3 that could allow an attacker who successfully exploits these potential vulnerabilities to take control of the affected system. A malicious BMP, DIB, RLE, or PNG must be opened in Photoshop by the user for an attacker to exploit these potential vulnerabilities. Users are recommended to update their installations with the patches provided below, and Adobe encourages all customers to be cautious before opening any unknown file, regardless of which application they may be using. Adobe recommends all Photoshop CS2 and Photoshop CS3 users update their installations.

Although the vulnerabilities could pose a serious issue if properly exploited, Adobe has been quick to action and has issued these updates before there have been any exploits for OS X in the wild.