Google Project Zero researcher Tavis Ormandy discovered that a Chrome extension installed silently by Adobe last week had been affected by a cross-site scripting (XSS) vulnerability. Adobe quickly patched the flaw after learning of its existence. The updates released by Adobe on January 10 for Acrobat and Reader addressed 29 vulnerabilities. However, some users were … Continue reading XSS Found in Silently Installed Acrobat Chrome Extension