And it can be hacked
Adobe installed a browser extension for Google Chrome alongside an update for the company’s Adobe Acrobat Reader DC software.
The extension allows users to turn web pages into PDF documents. But it also phones home with telemetry data.
The move angered more than a few because the “feature” was not mentioned in the changelog, and you could not block it. Chrome’s security mechanism did stop it being enabled automatically and users were asked if they wanted to enable the Adobe Acrobat extension in Chrome, or remove it.
But the Chrome extension that Adobe pushed out to user systems was more insecure than Woody Allen on stage with an army of underwear models.
Google had a look under the bonnet and found that the code and a JavaScript code execution bug that put the then 30 million systems the extension was installed on at risk.
Adobe has rushed out a security update for the Adobe Acrobat extension for Chrome after Google growled at it. This update addresses a cross-site scripting vulnerability rated important that could potentially lead to JavaScript execution in the browser.
What is a little worrying is that Adobe thinks it is OK to push stuff out on its users in this way. Some are even saying that it means you absolutely cannot trust the software it installs.
Autore: Fudzilla.com – Home
Author: Tom's Hardware Le batterie a litio-ferro-fosfato (LFP) rappresentano una soluzione efficace per automobili di…
Author: GAMEmag Prosegue la serie di licenziamenti che hanno contraddistinto il 2024 come l'anno peggiore…
Author: IlSoftware Kyutai è il primo laboratorio di ricerca indipendente sull’intelligenza artificiale in Europa, inaugurato…
Author: Hardware Upgrade Il pericolo principale del mondo informatico? Secondo Cohesity è il ransomware, che…
Author: klatsch-tratsch Brad Pitt war am Donnerstag der Star von Silverstone. (jom/spot)Imago Images/PanoramiC / Imago…
Author: Stars Online A Travessia Global Ocean Cascais 2024 decorreu na Baía de Cascais, atraindo…