Adobe Security Bulletin

Release date: January 19, 2017

Vulnerability identifier: APSB17-03

Priority: 2

CVE number: CVE-2017-2929

Platform: Windows 

Adobe has released a security update for the Adobe Acrobat extension for Chrome. This update addresses a cross-site scripting vulnerability rated important that could potentially lead to javascript execution in the browser.

For more information about this extension, please visit the Acrobat extension for Chrome article.

Users should receive the update automatically via the Chrome update process with no intervention required. To manually update the extension, please follow the instructions below: 

1. Open Google Chrome 
2. In the address bar, type chrome://extensions 
3. At the top of the page, check the "Developer mode" box 
4. Click "Update extensions now" 
5. Uncheck the "Developer mode" box
   
   

This update resolves a cross-site scripting vulnerability that could lead to javascript execution in the browser (CVE-2017-2929).

Adobe would like to thank Tavis Ormandy of Google Security and Gary O'Leary-Steele of Sec 1 Ltd for reporting this issue and for working with Adobe to help protect our customers.