A new version of the download manager for Adobe Reader is live. This new version resolves the Moderate local privilege escalation issue discussed in an Adobe PSIRT blog post on July 22.
No action is required for users downloading Adobe Reader from http://get.adobe.com/reader/. Users who previously downloaded Adobe Reader for Windows from http://get.adobe.com/reader/ can verify they are not vulnerable to this download manager issue by checking the following:
- Ensure that the C:\Program Files\NOS folder and its contents are not present on your system.
- Click "Start" > "Run" and type "services.msc". Ensure that "getPlus(R) Helper" from the list of services.
If the NOS files are found, the download manager issue can be mitigated by:
- Deleting the C:\Program Files\NOS folder and its contents
- Click "Start" > "Run" and type "services.msc". Delete "getPlus(R) Helper" from the list of services
Note: As mentioned in a late July Adobe Security Bulletin and PSIRT blog post, we want to remind users Adobe is planning its next quarterly security update for Adobe Reader and Acrobat for Tuesday, October 13.
This posting is provided "AS IS" with no warranties and confers no rights.
Leave a comment