Adobe Acrobat Reader is one of the most popular free applications on the web. The reader of PDF files is used by millions of people around the world to access this kind of documents even though for some time we can simply open them using a browser like Chrome.
Adobe Reader does not suffer from as many vulnerabilities as Flash, but one of its biggest annoyances has always come from the hand of additional software that tries to install on our computer when we download. Now it seems that it is not just the curse of McAfee, but the program goes so far as to install a Chrome extension without asking for any permissions or give any notice, and also taking a lot of liberties about the data that can access.
If you installed the latest version of Adobe Reader on your computer, you may have missed the notice in Google Chrome about a new extension that has been installed. Just look at your top bar and click on the orange alert icon.
This completely unnecessary extension, has not only been installed without any previous communication, but also has too high permissions. You can ” Read and modify all the data of the websites you visit “, “Manage your downloads” and “Communicate with native cooperative applications”. Why do you need an extension of a PDF reader to read and modify all the data of the websites I visit?
The finding was remarked yesterday by SwiftOnSecurity, and if we look at the privacy policy of the extension we see how we automatically agree to participate in an Adobe program to send all kinds of data to the company about the use we make of our browser. Supposedly everything is anonymous and no personal information is collected that can identify us, but it is still quite questionable.
The recommendation is that you simply delete the extension of your browser, you can do it right when it is installed for the first time, or access the list of all your extensions by typing the URL chrome://extensions/in the browser. And, you can always use alternatives to Acrobat Reader like Sumatra PDF or Foxit Reader.