James Delahunty
23 Feb 2010 19:03
Adobe Systems said on Tuesday that it patched a critical vulnerability that affected the Adobe Download Manager. The Download Manager is used when Internet users download Flash or Reader software from Adobes websites.
A critical vulnerability was discovered that could be used by attackers to remotely install malicious software on a victims PC. In order to fulfill an exploit, an attacker would lead the victim to a special modified link on the adobe.com domain.
The combination of the two combined to make a very serious security threat. The download manager is usually removed from a users' PC as soon as a computer is restarted. Users of the download manager in the past can ensure security by making sure the directory - C:Program FilesNOS - is not present.
More information on the issue is available at:
http://www.adobe.com/support/security/bulletins/apsb10-08.html