Adobe Patches Critical Hole in Download Manager

Author: Ryan Naraine
minute read

Adobe today shipped a patch for a critical vulnerability in its Download Manager utility, warning that hackers could exploit the issue to take full control of Windows computers.The vulnerability, discovered by Aviv Raff, could potentially allow an attacker to download and install unauthorized software onto a user’s system, Adobe said in an advisory.

Adobe today shipped a patch for a critical vulnerability in its Download Manager utility, warning that hackers could exploit the issue to take full control of Windows computers.

The vulnerability, discovered by Aviv Raff, could potentially allow an attacker to download and install unauthorized software onto a user’s system, Adobe said in an advisory.

READ: Security Skeletons in Adobe’s Closet

The vulnerability affects Adobe Download Manager on Windows (prior to February 23, 2010).

The Adobe Download Manager, which is used to push security patches to Windows computers, is intended for one-time use and is designed to remove itself from the computer after
use at the next computer restart.

However, Adobe is recommending that users
verify that a potentially vulnerable version of the Adobe Download
Manager is no longer installed on their machine.

Here are the instructions from Adobe’s security advisory:

  • Ensure that
    the C:Program FilesNOS folder and its contents (“NOS files”) are not
    present on your system. (If the folder is present, follow the steps
    below to remove).
  • Click “Start” > “Run” and type “services.msc”. Ensure that “getPlus(R) Helper” is not present in the list of services.

If the NOS files are found, the Adobe Download Manager issue can be mitigated by:

  • Navigating
    to Start > Control Panel > Add or Remove Programs > Adobe
    Download Manager, and selecting Remove to remove the Adobe Download
    Manager from your system.

OR

  • Clicking “Start” > “Run” and typing “services.msc”. Then deleting “getPlus(R) Helper” from the list of services.
  • Then delete the C:Program FilesNOS folder and its contents.

Suggested articles

Discussion

  • Anonymous on

    Hi! How do I ensure C:ProgramFilesNOSfolder, & its contents (NOS files), aren't present in my system? I clicked start, & typed C:ProgramFilesNOSfolder into my search bar, it said: Windows cannot find, make sure you typed correctly. So I even tried without using the folder on the end, & got the same reply. I do know, I did have getPlus (R) Helper on my system at one time, or I still do, cause I remember downloading it awhile back in Adobe. But, I can't remember if its been removed or not. Hope you can help, as I have a new computer & the thought makes me very uncomfortable. Thanks!

  • Anonymous on

    Hi,

    Is a good thing that Adobe is taking quick action and making their customers aware of the vulnerability with their applications. I'm trying to resolve this issue by following the instruction on how to remove "getPlus(R) Helper" from the list of services.

    There is no clear instruction on how to delete this service. Can someone help, please?

  • Anonymous on

    Well I found all them bad devils on my machine, and removed Download manager which had all what you said in it. As far as I can tell it no longer is on my machine.  Thank you so much.

  • Anonymous on

    I hate adobe software.  They alway overload it with a ton of intrusive crap.  Just ship the damn readers and skip all the other crap you auto install that alway ruins the performance of my system@@!!

     

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.

Subscribe now

Topics

Show all

Authors

Threatpost

InfoSec Insider

Infosec Insider Post

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Content

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.