Adobe squishes code execution bug in download manager.
Adobe Systems on Tuesday patched a critical vulnerability that could be exploited to remotely install malicious files on end-user PCs when they install or upgrade Reader and Flash applications.
When combined with a flaw on Adobe's website, the bug in the Adobe Download Manager made it possible for attackers to install malware on Windows machines simply by leading victims to a special link on the adobe.com domain. Last week, researcher Aviv Raff demonstrated how the vulnerabilities could be exploited to download and execute any file of his choosing
on a Register