Adobe silently installs browser plugin with security update

Adobe has been caught with silently installing a Chrome browser extension with a security update of its Acrobat Reader. During the installation process users are not notified the plugin is installed, but as soon as they open Chrome, they are notified by the browser that a Adobe Acrobat extension has been added.

ADVERTISEMENT

Security update 15.023.20053 for Acrobat Reader DC fixes 29 vulnerabilities and was released two days ago, Bleepingcomputer reports.  After it's installed and users open their Chrome browser, the browser's security system will notify the user that an Adobe Acrobat extension is added. Due to Chrome's security system, the extension is disabled by default.

The extension is called Adobe Acrobat and it makes it possible to save any webpage to a PDF file.

If users choose to enable the plugin then they have to give permissions to the plugin to read and change all data on the websites they visit, manage their downloads and to communicate with cooperating native applications. The Acrobat extension also has anonymous usage data collection enabled by default.

ADVERTISEMENT

Users who don't want the Acrobat extension on their system can click the 'Remove' button in the warning/notification dialog that pops up in Chrome after the extension has been added.

No posts to display