Have the same problem in 2 different locations:

C:\Users\All Users\Adobe\CS5\jre\bin\java.exe

C:\ProgramData\Adobe\CS5\jre\bin\java.exe

JRE version detected: 6.0.180.7

I contacted technical support, the representative took notes but that's all. No solution has been given.

I'm thinking to replace jre folder with jre6 but I'm afraid of the result.

I understand install package from DVD is not up-to-date. But I don't understand patch is not yet available thru Adobe updater (checked launching it within Photoshop).

The v6.0.20 JRE is available since 15th of April.

Adobe: don't let users of brand new CS5 with Highly critical vulnerabilities on their system!

Fix it ASAP. In the interval, a workaround is welcome.

PS: I've just reported vulnerability detected in CS5 Suite to Secunia

At the moment I simply renamed java.exe with java.exe_OLD in  C:\ProgramData\Adobe\CS5\jre\bin\java.exe

So it shouldn't be able to be run and when an Adobe update will be published I shouldn't have to reinstall any program.

I was up to do the same renaming in C:\Users\All Users\Adobe\CS5\jre\bin\java.exe but obvisouly exe file has been also renamed during first renaming (curious but true, the 2 folders seem "linked").

No alerts anymore in Secunia PSI Vulnerable soft and Browers tabs but this workaround is not an acceptable solution.

Too soon to say if all Adobe apps work properly.

Adobe, wake up! A big company like yours cannot play that way with security.

Secunia found the same problem on my machine and I located an additonal old version 5 java.exe at another location that Secunia didn't notice: \Program Files\Adobe\Acrobat 9.0\Designer 8.2\jre\bin. I contacted Adobe Support. They told me since this is a 3rd party software issue, I need to contact java.com directly and referred me to Java's online chat support. Adobe said online chat support would be free. However, Java calls it "fee-for-service" and most problems cost about $75 to fix!

Instead of throwing away my money just to get CS5 installed safely, I made .zip files of the jre folders (Dreamweaver's was in the folder "JVM" instead of jre) in case they would be necessary later and then just deleted the contents of each jre folder. 4 of the 5 opened fine. The only one that generated an error was Flash Pro. However, when I copied the contents of the latest (secure) version of jre to C:\ProgramData\Adobe\CS5\jre\ , Flash Pro fired up fine with no error messages.

The problem with this approach showed its ugly head yesterday when I tried to update Dreamweaver. It FAILED. I unzipped the saved jre folder back to its original location, tried to update again, and it still failed. I am still waiting for an answer from another post but I suspect that this may be related to monkeying with java.

Sure would be nice if Adobe would solve this security issue themselves, instead of making customers of a very expensive software resort to playing with things under the hood themselves.