Adobe Security Bulletin

An update that costs hundreds to thousands of dollars is necessary to fix a “critical” security vulnerability in Photoshop CS5.5. Shameful.

There is a proof-of-concept linked at the bottom of the bulletin. This feels a bit like Adobe saying “boy, it would be a pity if someone followed our explicit instructions and sent you this malicious TIF file.”