Adobe will issue free security fixes for CS5 apps after all

The company says it's working on patches for Creative Suite 5.x versions of Photoshop, Illustrator, and Flash. Previously, customers would have had to pay to upgrade to CS6 to get the fixes.

Adobe has apparently changed its mind about requiring customers to pay to get recent security patches for its Photoshop, Illustrator, and Flash Professional products.

The patches cover vulnerabilities that could let a remote user execute malicious code and take control of computers that are running the products.

A post to Adobe's security blog dated yesterday says the following:

We are in the process of resolving the Adobe Illustrator CS5.x, Adobe Photoshop CS5.x (12.x) and Adobe Flash Professional CS5.x, and will update the respective Security Bulletins once the patches are available.

Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at or by subscribing to the RSS feed at

Adobe had originally said customers would need to pay to upgrade to the CS6 versions of the products to get the fix.

The company told CNET sister site ZDNet Australia earlier that "while Adobe did resolve these issues in the Adobe Illustrator/Photoshop/Flash Professional CS6 major releases, no dot release was scheduled or released for Adobe Illustrator/Photoshop/Flash Professional CS5 or CS5.5," and that "the team did not believe the real-world risk to customers warranted an out-of-band release to resolve these issues."

Adobe told ZDNet Australia that it wasn't aware of any attacks that were taking advantage of the security flaws, but the news site noted that there is "a working proof of concept for the Photoshop vulnerability in the wild, which could make it trivial for a hacker to launch a targeted attack on a user."

Rich Mogull, a security analyst at, told Macworld that a software maker not issuing security patches for products it still supports breaks with "industry convention and customer expectations. If the products are really out of support, then that's understandable. But [Adobe's] own site shows them still within an active support window." Macworld reported on the CS5.x fixes earlier today.

We've contacted Adobe for comment on the patches and will update this post if and when we hear back.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

The WRT1900ACS is Linksys' new best Wi-Fi router to date

CNET editor Dong Ngo compares the new WRT1900ACS and the old WRT1900AC Wi-Fi routers from Linksys. Find out which one is better!

by Dong Ngo