Adobe patches critical bug in Flash, Reader download tool
Urges Windows users to search PCs for flawed Adobe Download Manager
Computerworld - Adobe today patched a critical vulnerability in the Windows utility used to download the company's two most popular products, Adobe Reader and Flash Player.
It was the second time in the last six weeks that Adobe fixed a flaw in Download Manager, the program it installs on PCs when customers download Reader or Flash Player.
The bug, Adobe acknowledged in an advisory, "potentially allow[s] an attacker to download and install unauthorized software onto a user's system."
Israeli security researcher Aviv Raff disclosed the vulnerability last week, when he said that attackers could use the Download Manager to forcibly download and install any executable file, including attack code.
"If you go to Adobe's Web site to install a security update for Flash, you really expose yourself to a zero-day attack," Raff said.
Download Manager is not the update mechanism for Reader and Flash Player -- that's dubbed Adobe Update Manager -- but instead oversees file transfers from Adobe's site.
Among other things, the manager resumes interrupted downloads and queues up multiple files for download. The utility isn't an Adobe product, but rather a customized version of getPlus+, licensed from NOS Microsystems.
Although Download Manager is automatically removed from a Windows PC the next time the machine is restarted, Raff said it still posed a danger because some systems remain powered on for days or even weeks between reboots.
"Adobe recommends users verify that a potentially vulnerable version of the Adobe Download Manager is no longer installed on their machine," said Adobe in the advisory.
The steps Adobe urged involved searching the hard drive for a "C:\Program Files\NOS\" folder, or entering "services.msc" at a command line prompt in Windows, then deleting the "getPlus Helper" service from the ensuing list.
Users don't need to take any action with either Reader or Flash Player, said Adobe, as the vulnerability does not affect either program.
This wasn't the first time that a Download Manager component required patching. One of the six critical bugs Abode patched in Reader and Acrobat last month was within the NOS Microsystem's ActiveX control that allowed Internet Explorer to use Download Manager. The vulnerability had been reported to Adobe by Will Dormann, a researcher at the CERT Coordinating Center, last November.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is email@example.com.
- Feds declare big win over Cryptolocker ransomware
- Hackers hit more businesses through remote access accounts
- P.F. Chang's post-breach move to manual processing is telling
- Microsoft withholds monster IE update from Windows 8.1 dawdlers
- In baffling move, TrueCrypt open-source crypto project shuts down
- 'Oleg Pliss' hack makes for a perfect teachable IT moment
- Give IE the heave-ho until Microsoft patches zero-day
- Hackers find first post-retirement Windows XP-related vulnerability
- Researcher claims two hacker gangs exploiting unpatched IE bug
- Update: Third of Internet Explorer users at risk from attacks
Read more about Malware and Vulnerabilities in Computerworld's Malware and Vulnerabilities Topic Center.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Improving IT Efficiencies: Four Advantages of Multi-Tenant Data Centers Increasing demands on IT are forcing organizations to rethink their data center options. For many organizations, that means turning to the flexibility afforded...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All Malware and Vulnerabilities White Papers | Webcasts