Earlier this week security researcher Aviv Raff warned of a potentially serious security bug in Adobe's Download Manager that could expose users to a zero-day attack. At the time, Adobe said it was aware of the issue and working on a patch.
Fast forward to today and Adobe has released a security update intended to plug up the security hole. The update affects certain users who downloaded Adobe Reader for Windows or Adobe Flash Player for Windows prior to February 23, 2010.
Adobe classifies this as a "critical" udpate and outlines steps above mentioned users can take to verify whether or not they are vulnerable. Two ways of doing that include:
If NOS files are found, Adobe recommends uninstalling the Download Manager via the Control panel. Alternately, users can delete "getPlus(R) Helper" from the list of services and then delete the C:\Program Files\NOS\folder and its contents.
More info here .