Adobe issued a fix on Tuesday for a critical vulnerability in its Download Manager program that could be used by an attacker to download malware onto a user’s PC.
People who downloaded Adobe Reader for Windows from Adobe’s Reader download site or Flash Player for Windows from Adobe’s Flash Player site prior to the release of the security bulletin on Tuesday are vulnerable, the company said.
The issue is resolved for any new downloads of Reader and Flash Player from those sites. Download Manager is a tool that helps users efficiently download files from web servers. It is used one time per session and is deleted when the computer is restarted. However, Adobe recommends users verify that a potentially vulnerable version of the Adobe Download Manager is no longer installed on their machine,” said the security bulletin.
Check to see if you’ve got a vulnerability by seeing whether the C:\Program Files\NOS\ folder and its contents (NOS files) are present on your computer. If they are, Adobe recommends running the ‘services.msc‘ prompt and making sure that ‘getPlus(R) Helper‘ is not in the list of services. If it is, it should be removed.
Source: ZDNet
