MA-217.022010:MyCERT Alert - Critical Vulnerability in Adobe Download Manager

1.0 Introduction

A critical vulnerability (CVE-2010-0189) has been identified in Adobe Download Manager. This vulnerability could potentially allow an attacker to download and install unauthorized software onto the user's system.

2.0 Impact

By exploiting this vulnerability, an attacker could potentially download and install unauthorized software onto a vulnerable system by tricking a user into following a specially crafted link or visiting a malicious web page.

3.0 Affected Products

Majority of Adobe Acrobat and Adobe Reader software are prone to this vulnerability. Below is the list of vulnerable products:

• NOS Microsystems getPlus Download Manager 1.2.2 50
• NOS Microsystems getPlus Download Manager 0
• Adobe Reader 9.3.1
• Adobe Reader 9.1.3
• Adobe Reader 9.1.2
• Adobe Reader 9.1.2
• Adobe Reader 9.1.1
• Adobe Reader 8.2.1
• Adobe Reader 8.1.7
• Adobe Reader 8.1.6
• Adobe Reader 8.1.6
• Adobe Reader 8.1.5
• Adobe Reader 8.1.4
• Adobe Reader 8.1.3
• Adobe Reader 8.1.2
• Adobe Reader 8.1.1
• Adobe Reader 9.3
• Adobe Reader 9.2
• Adobe Reader 9.2
• Adobe Reader 9.1
• Adobe Reader 9
• Adobe Reader 8.2
• Adobe Reader 8.1.2 Security Update
• Adobe Reader 8.1
• Adobe Reader 8.0
• Adobe Download Manager
• Adobe Acrobat Standard 9.3.1
• Adobe Acrobat Standard 9.1.3
• Adobe Acrobat Standard 9.1.2
• Adobe Acrobat Standard 8.2.1
• Adobe Acrobat Standard 8.1.7
• Adobe Acrobat Standard 8.1.6
• Adobe Acrobat Standard 8.1.4
• Adobe Acrobat Standard 8.1.3
• Adobe Acrobat Standard 8.1.2
• Adobe Acrobat Standard 8.1.1
• Adobe Acrobat Standard 9.3
• Adobe Acrobat Standard 9.2
• Adobe Acrobat Standard 9.1
• Adobe Acrobat Standard 9
• Adobe Acrobat Standard 8.2
• Adobe Acrobat Standard 8.1
• Adobe Acrobat Standard 8.0
• Adobe Acrobat Professional 9.3.1
• Adobe Acrobat Professional 9.1.3
• Adobe Acrobat Professional 9.1.2
• Adobe Acrobat Professional 8.2.1
• Adobe Acrobat Professional 8.1.7
• Adobe Acrobat Professional 8.1.6
• Adobe Acrobat Professional 8.1.4
• Adobe Acrobat Professional 8.1.3
• Adobe Acrobat Professional 8.1.2
• Adobe Acrobat Professional 8.1.1
• Adobe Acrobat Professional 9.3
• Adobe Acrobat Professional 9.2
• Adobe Acrobat Professional 9.1
• Adobe Acrobat Professional 9
• Adobe Acrobat Professional 8.2
• Adobe Acrobat Professional 8.1.2 Security Update
• Adobe Acrobat Professional 8.1
• Adobe Acrobat Professional 8.0
• Adobe Acrobat 9.1.1
• Adobe Acrobat 9.3
• Adobe Acrobat 9.2

4.0 Recommendation

Users who have downloaded Adobe Reader for Windows from http://get.adobe.com/reader/ or Adobe Flash Player for Windows from http://get.adobe.com/flashplayer/ prior to the release of this Security Bulletin on February 23, 2010, can verify that the products are not vulnerable to this Adobe Download Manager issue by following the instructions below:

• Ensure that the C:\Program Files\NOS\ folder and its contents ("NOS files") are not present on your system. (If the folder is present, follow the steps below to remove).
  
• Click "Start" > "Run" and type "services.msc". Ensure that "getPlus(R) Helper" is not present in the list of services.

If the NOS files are found, the Adobe Download Manager issue can be mitigated by: