Adobe Patches Critical Hole in Download Manager

Adobe today shipped a patch for a critical vulnerability in its Download Manager utility, warning that hackers could exploit the issue to take full control of Windows computers.The vulnerability, discovered by Aviv Raff, could potentially allow an attacker to download and install unauthorized software onto a user’s system, Adobe said in an advisory.

Adobe today shipped a patch for a critical vulnerability in its Download Manager utility, warning that hackers could exploit the issue to take full control of Windows computers.

The vulnerability, discovered by Aviv Raff, could potentially allow an attacker to download and install unauthorized software onto a user’s system, Adobe said in an advisory.

READ: Security Skeletons in Adobe’s Closet

The vulnerability affects Adobe Download Manager on Windows (prior to February 23, 2010).

The Adobe Download Manager, which is used to push security patches to Windows computers, is intended for one-time use and is designed to remove itself from the computer after
use at the next computer restart.

However, Adobe is recommending that users
verify that a potentially vulnerable version of the Adobe Download
Manager is no longer installed on their machine.

Here are the instructions from Adobe’s security advisory:

  • Ensure that
    the C:Program FilesNOS folder and its contents (“NOS files”) are not
    present on your system. (If the folder is present, follow the steps
    below to remove).
  • Click “Start” > “Run” and type “services.msc”. Ensure that “getPlus(R) Helper” is not present in the list of services.

If the NOS files are found, the Adobe Download Manager issue can be mitigated by:

  • Navigating
    to Start > Control Panel > Add or Remove Programs > Adobe
    Download Manager, and selecting Remove to remove the Adobe Download
    Manager from your system.

OR

  • Clicking “Start” > “Run” and typing “services.msc”. Then deleting “getPlus(R) Helper” from the list of services.
  • Then delete the C:Program FilesNOS folder and its contents.

Suggested articles