Copy link to clipboard
Copied
Last week we figured out that some of our Acrobat Readers are silently trying to download some kind of data/zip being hosted at:
http://acroipm2.adobe.com/assets/Owner/arm/adnme4/2001.zip
A forensic analysis by our security team just revealed that it's just a broken zip file with a broken/incomplete png file. According to the URL beginning "acroipm2" this might be some "In Product Marketing" of Adobe and this zip file could be some advertisement package.
However it seems someone messed up here and left an broken package on the server that might eventually impact many customers - at least our users don't notice that something is broken. Still our web scanner complains that something attempty to download a "unscannable" piece of data which notoriously brings up a security alert.
The 1st level support just recommends to reinstall the product and doesn't get the impact of that.
I would recommend someone at Adobe tries to identify that broken package and remove or fix it on their server - this would be more effective instead of asking their customers to take some action to fix an error that happened on Adobe's side.
Copy link to clipboard
Copied
Hi, thank you for bringing this to our attention. Rest assured, the file located at "http://acroipm2.adobe.com/assets/Owner/arm/adnme4/2001.zip" is not malicious and is necessary for Adobe Reader to function correctly. We’ll work to address this behavior in future releases.