Product
Security Update Available for the Adobe Acrobat extension for Chrome
Release date: January 19, 2017
Vulnerability identifier: APSB17-03
Priority: 2
CVE number: CVE-2017-2929
Platform: Windows
Summary
Adobe has released a security update for the Adobe Acrobat extension for Chrome. This update addresses a cross-site scripting vulnerability rated important that could potentially lead to javascript execution in the browser.
Affected versions
|
Affected version |
Platform |
Acrobat Extension for Chrome |
15.1.0.3 |
Windows |
For more information about this extension, please visit the Acrobat extension for Chrome article.
Solution
Users should receive the update automatically via the Chrome update process with no intervention required. To manually update the extension, please follow the instructions below:
- Open Google Chrome
- In the address bar, type chrome://extensions
- At the top of the page, check the "Developer mode" box
- Click "Update extensions now"
- Uncheck the "Developer mode" box
Updated version |
Platform |
Priority rating |
Availability |
|
Acrobat Extension for Chrome |
15.1.0.4 |
Windows |
2 |
Vulnerability Details
This update resolves a cross-site scripting vulnerability that could lead to javascript execution in the browser (CVE-2017-2929).
Acknowledgments
Adobe would like to thank Tavis Ormandy of Google Security and Gary O'Leary-Steele of Sec 1 Ltd for reporting this issue and for working with Adobe to help protect our customers.