Security Update Available for the Adobe Acrobat extension for Chrome

Release date: January 19, 2017

Vulnerability identifier: APSB17-03

Priority: 2

CVE number: CVE-2017-2929

Platform: Windows 

Summary

Adobe has released a security update for the Adobe Acrobat extension for Chrome. This update addresses a cross-site scripting vulnerability rated important that could potentially lead to javascript execution in the browser.

Affected versions

Product Affected version Platform
Acrobat Extension for Chrome
15.1.0.3 Windows

For more information about this extension, please visit the Acrobat extension for Chrome article.

Solution

Users should receive the update automatically via the Chrome update process with no intervention required. To manually update the extension, please follow the instructions below: 

  1. Open Google Chrome 
  2. In the address bar, type chrome://extensions 
  3. At the top of the page, check the "Developer mode" box 
  4. Click "Update extensions now" 
  5. Uncheck the "Developer mode" box

Product Updated version Platform Priority rating Availability
Acrobat Extension for Chrome
15.1.0.4
Windows 2 Chrome web store

Vulnerability Details

This update resolves a cross-site scripting vulnerability that could lead to javascript execution in the browser (CVE-2017-2929).

Acknowledgments

Adobe would like to thank Tavis Ormandy of Google Security and Gary O'Leary-Steele of Sec 1 Ltd for reporting this issue and for working with Adobe to help protect our customers.