The vulnerability, discovered by Aviv Raff, could potentially allow an attacker to download and install unauthorized software onto a user's system, Adobe said in an advisory.
[ SEE: Skeletons in Adobe's security closet ]
The vulnerability affects Adobe Download Manager on Windows (prior to February 23, 2010).
The Adobe Download Manager, which is used to push security patches to Windows computers, is intended for one-time use and is designed to remove itself from the computer after use at the next computer restart.
However, Adobe is recommending that users verify that a potentially vulnerable version of the Adobe Download Manager is no longer installed on their machine.
Here are the instructions from Adobe's security advisory:
If the NOS files are found, the Adobe Download Manager issue can be mitigated by: