Adobe has released a security update fixing a critical flaw in its Download Manager software that could let attackers download and install unauthorised software onto a user's system.
The issue applies to any instance of the software downloaded before today, but will not apply to any new versions, the firm said.
"Adobe Download Manager is designed to remove itself from the computer after use at the next computer restart. However, Adobe recommends users verify that a potentially vulnerable version of the Adobe Download Manager is no longer installed on their machine," said the security bulletin.
Adobe credited security researcher Aviv Raff for bringing the flaw to the company's attention.
"Recently, I found a design flaw on Adobe's web site which allows the abuse of the Adobe Download Manager to force the automatic installation of Adobe products, as well as other software products (e.g. Google Toolbar)," Raff said in a blog post.
"Instead of admitting that this design flaw is indeed a problem which can be abused by malicious attackers, Adobe decided to downplay this issue."
Adobe urged users to see whether the C:\Program Files\NOS\ folder and its contents (NOS files) are present on their system. If they are, the firm recommends running the 'services.msc' prompt and making sure that 'getPlus(R) Helper' is not in the list of services. If it is, it should be removed.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago