Adobe’s Latest Security Patch Installs Chrome Extension to Collect Data

Home / Adobe’s Latest Security Patch Installs Chrome Extension to Collect Data
Share This:

Earlier this week, Adobe released some updates to fix security issues and vulnerabilities identified in Adobe Acrobat Reader. Twitter’s @SwiftOnSecurity noticed a new Google Chrome extension for Adobe Acrobat after the update. According to the post, there is no mention of the new extension anywhere in Adobe’s changelog and instead is installed without your knowing. When you click on the extension in Google Chrome, you’ll be prompted to either “Enable Extension” or “Remove From Chrome”. We suggest you click on Remove From Chrome.

The extension does a couple of things; it provides a quick way to convert a Web page into a PDF if you have a paid version of Acrobat, and it lets you choose to open PDFs in Adobe Reader rather than using Chrome’s built-in PDF support. The plugin lists permissions to do three things: “read and change all data on the websites you visit,” “manage your downloads,” and “communicate with cooperating native applications.” The extension also collects basic information and sends this to Adobe. This tracking appears to be on by default, though it can be disabled through the extension’s options page. Adobe states that this information is anonymous and does not include URL data.

While the extension itself has been around for a while, the fact that Adobe has decided to secretly include it with a security update without prompting the user is an issue. As a member of the IT Security community, this sort of action bothers me. End users should never feel wary about installing security fixes that might leave their system vulnerable, but actions like this may make people feel less confident when installing security updates. Thanks Adobe!

Disable Collection Of Telemetry Data

If you decide to keep the Chrome extension, we recommend you at least disable the option to collect and send the telemetry data to Adobe.

  • Load chrome://extensions/ in the Google Chrome address bar.
  • Locate the Adobe Acrobat extension on the page, and click on the options link.
  • On the page that opens, uncheck “Allow Adobe Acrobat for Chrome to send anonymous usage information to Adobe for product improvement purposes”.

How To Fix Chrome Crashing

If the Adobe Acrobat Chrome Extension is causing your Google Chrome to crash at startup, or you can’t remove the extension, you can try running the Google Chrome Cleanup Tool. According to Google:

This application will scan and remove software that may cause problems with Chrome, such as crashes, unusual startup pages or toolbars, unexpected ads you can’t get rid of, or otherwise changing your browsing experience.

By | 2017-01-13T23:21:03+00:00 January 13th, 2017|Categories: Security|Tags: , , , , , |4 Comments

4 Comments

  1. john January 13, 2017 at 5:03 pm - Reply

    Adobe has always been slime.

  2. Joel January 13, 2017 at 9:20 pm - Reply

    I believe this was the cause of a Windows 8.1 Chrome to become “unresponsive” repeatedly, to the point of being completely unusable. Running the Chrome Cleanup Tool (https://www.google.com/chrome/cleanup-tool/) seemed to fix the problem.

    • Robert Russell January 13, 2017 at 11:22 pm - Reply

      Thanks for the info! I added a section at the end of the article with a link to the tool.

  3. Joel January 13, 2017 at 9:21 pm - Reply

    p.s. We could never even get past the “Enable Extension” or “Remove From Chrome” dialog before running the Cleanup Tool. Chrome just froze.

Leave a Comment