Adobe Security Bulletin

Release date: January 19, 2017

Vulnerability identifier: APSB17-03

Priority: 2

CVE number: CVE-2017-2929

Platform: Windows

Adobe has released a security update for the Adobe Acrobat extension for Chrome. This update addresses a cross-site scripting vulnerability rated important that could potentially lead to javascript execution in the browser.

Product	Affected version	Platform
Acrobat Extension for Chrome	15.1.0.3	Windows

For more information about this extension, please visit the Acrobat extension for Chrome article.

Users should receive the update automatically via the Chrome update process with no intervention required. To manually update the extension, please follow the instructions below:

Open Google Chrome
In the address bar, type chrome://extensions
At the top of the page, check the "Developer mode" box
Click "Update extensions now"
Uncheck the "Developer mode" box

Product	Updated version	Platform	Priority rating	Availability
Acrobat Extension for Chrome	15.1.0.4	Windows	2	Chrome web store

This update resolves a cross-site scripting vulnerability that could lead to javascript execution in the browser (CVE-2017-2929).

Adobe would like to thank Tavis Ormandy of Google Security and Gary O'Leary-Steele of Sec 1 Ltd for reporting this issue and for working with Adobe to help protect our customers.

Adobe Security Bulletin

Security Update Available for the Adobe Acrobat extension for Chrome

Summary

Affected versions

Solution

Vulnerability Details

Acknowledgments

Ask the Community

Contact Us