Adobe Security Bulletin

Security Update Available for the Adobe Acrobat extension for Chrome

Release date: January 19, 2017

Vulnerability identifier: APSB17-03

Priority: 2

CVE number: CVE-2017-2929

Platform: Windows 

Summary

Adobe has released a security update for the Adobe Acrobat extension for Chrome. This update addresses a cross-site scripting vulnerability rated important that could potentially lead to javascript execution in the browser.

Affected versions

Product

Affected version

Platform

Acrobat Extension for Chrome

15.1.0.3

Windows

For more information about this extension, please visit the Acrobat extension for Chrome article.

Solution

Users should receive the update automatically via the Chrome update process with no intervention required. To manually update the extension, please follow the instructions below: 

  1. Open Google Chrome 
  2. In the address bar, type chrome://extensions 
  3. At the top of the page, check the "Developer mode" box 
  4. Click "Update extensions now" 
  5. Uncheck the "Developer mode" box

Product

Updated version

Platform

Priority rating

Availability

Acrobat Extension for Chrome

15.1.0.4

Windows

2

Vulnerability Details

This update resolves a cross-site scripting vulnerability that could lead to javascript execution in the browser (CVE-2017-2929).

Acknowledgments

Adobe would like to thank Tavis Ormandy of Google Security and Gary O'Leary-Steele of Sec 1 Ltd for reporting this issue and for working with Adobe to help protect our customers.

 Adobe

Get help faster and easier

New user?

Adobe MAX 2024

Adobe MAX

The Creativity Conference

Oct 14–16 Miami Beach and online

Adobe MAX 2024

Adobe MAX

The Creativity Conference

Oct 14–16 Miami Beach and online