Adobe Acrobat auto-installed a vulnerable Chrome extension on Windows PCs

Adobe is no stranger to finding itself in the security headlines for all the wrong reasons, and it seems that things may not be changing as we enter 2017.

There was controversy earlier this month when news broke about how Adobe took the opportunity on Patch Tuesday of using its regular security updates to force Adobe Acrobat DC users into silently installing a Google Chrome extension.

As Bleeping Computer reports, most people first found out about the extension, which offers the ability to easily convert webpages into PDF files, when they saw a prompt asking them to approve the following permissions:

  • Read and change all your data on the websites you visit
  • Manage your downloads
  • Communicate with cooperating native applications

Read more on: TripWire

Leave a Reply