Adobe Systems, Inc. has issued a security bulletin advising users of Photoshop CS2 and CS3 to update their installations. This is to address certain vulnerabilities in Photoshop that could be exploited by malicious hackers.
Critical vulnerabilities have been identified in Photoshop CS2 and CS3 that could allow an attacker to take control of the affected system. Adobe said these vulnerabilities are not remotely exploitable, but could, for instance, be triggered by opening a malicious BMP, DIB, RLE or PNG file delivered to a user via their e-mail client. A malicious image file must be opened in Photoshop by the user for an attacker to exploit these potential vulnerabilities.
Adobe also encourages all customers to be cautious before opening any unknown file, regardless of which application they may be using.
Update instructions are available at the Adobe website.