In association with heise online

02 May 2008, 10:50

Akamai Download Manager executes malicious code

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Load-balancing and broadband specialist Akamai offers a Download Manager, using which files can be downloaded from the company's servers. Due to a security hole in both the ActiveX and Java versions, attackers can insert manipulated links into web sites, emails or Instant Messages that can also download malicious programs such as trojans and run them automatically.

Security services provider iDefense has detected two undocumented parameters in the software, which attackers can exploit to cause a file to be automatically downloaded and run. The download window is indeed displayed, says iDefense, but if the malware is small, as it normally is, the window disappears too quickly for the malicious download to be detected.

According to the security advisory, the DownloadManagerV2.ocx ActiveX module with the ClassIDs 2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B and FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1 in version is affected by the vulnerability. The Java class in the dlm-java- Java archive is also affected, but iDefense assumes that all versions before the current version also contain the flaw.

Akamai has provided updated versions that are installed when the update site is visited. Users of Akamai download software should immediately either import the update or uninstall the Java downloader and set the kill bit for the ActiveX component. A Microsoft Knowledge Base article gives practical assistance here. But because of the very many security holes in ActiveX modules, users of Internet Explorer are best advised to totally disable ActiveX immediately.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit