Patch to Fix Critical Adobe Download Manager Vulnerability Released
Article by George Norman
On 24 Feb 2010
Last week Adobe announced to the world that it is aware of the fact that its Adobe Download Manager software application is plagued by a vulnerability that could allow for remote code execution if successfully exploited by a person with malicious intent.

It all started with security researcher Aviv Raff who initially uncovered a design flaw on Adobe’s site that allowed “the abuse of the Adobe Download Manager to force the automatic installation of Adobe products, as well as other software products.” After Adobe was informed about this issue and downplayed the discovery, Aviv Raff then uncovered a remote code execution flaw in Adobe Download Manager that could allow an attacker to force an automatic download and installation of any executable that attacker wants.

Advertising

Since then the California-based company that specializes in creating multimedia and creativity software products has been working with Aviv Raff to resolve the issue. And now that fruits of their labor have come to light. Adobe has posted a security bulletin in which it says the following:

“Users, who have downloaded Adobe Reader for Windows from http://get.adobe.com/reader/ or Adobe Flash Player for Windows from http://get.adobe.com/flashplayer/ prior to the release of this Security Bulletin on February 23, 2010, can verify they are not vulnerable to this Adobe Download Manager issue by following the instructions below:
  • Ensure that the C:Program FilesNOS folder and its contents ("NOS files") are not present on your system. (If the folder is present, follow the steps below to remove).
  • Click "Start" > "Run" and type "services.msc". Ensure that "getPlus(R) Helper" is not present in the list of services.
If the NOS files are found, the Adobe Download Manager issue can be mitigated by:
  • Navigating to Start > Control Panel > Add or Remove Programs > Adobe Download Manager, and selecting Remove to remove the Adobe Download Manager from your system.
OR
  • Clicking "Start" > "Run" and typing "services.msc". Then deleting "getPlus(R) Helper" from the list of services.
  • Then delete the C:Program FilesNOS folder and its contents."




Tags: Adobe, Adobe Download Manager, Aviv Raff, Security, Remote code execution
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
By George Norman on 31 May 2017
Having lots of devices connected to your network and the internet isn't a problem, as long as you keep the bad guys out of the picture. That’s crucial, because they'll exploit any vulnerability that they can find.
By George Norman on 17 Jul 2017
If you want top notch protection for your Windows computer, you can’t go wrong by getting something developed by the internationally renowned security company Kaspersky Lab. The problem is that…
By George Norman on 26 Jul 2017
Top-notch real-time protection against viruses doesn’t have to cost money, not if you go with the recently introduced Kaspersky Free antivirus solution. It may not come with a lot of bells and whistles, but it nicely covers all the basics and...
By George Norman on 31 Jul 2017
Are people taking better care of their passwords, or have their password habits changed for the worse? To get an answer to that question, data loss prevention software company Digital Guardian surveyed a thousand people about their password security habits and found that...
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Patch to Fix Critical Adobe Download Manager Vulnerability Released
HTML Linking Code