Foxit Software has issued critical security updates for its widely used PDF solutions, Foxit PDF Reader and Foxit PDF Editor.
The updates—Foxit PDF Reader 2024.4 and Foxit PDF Editor 2024.4/13.1.5—were released on December 17, 2024, to counter vulnerabilities that could leave users exposed to remote code execution (RCE) attacks.
Details of the Vulnerabilities
The security flaws addressed in this update include Use-After-Free vulnerabilities in the handling of certain elements, such as AcroForms, checkbox objects, and 3D page objects.
Exploiting these flaws could allow an attacker to execute arbitrary code remotely on a victim’s system. These vulnerabilities are tracked under the following identifiers:
Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free
The flaws were reported by Mat Powell of Trend Micro Zero Day Initiative (ZDI) and KPC of Cisco Talos, both of whom disclosed that the issues stem from improper memory validation, such as the use of wild or null pointers.
Exploitation could result in application crashes or, in the worst-case scenario, permit malicious actors to take control of affected systems.
The vulnerabilities specifically impact Foxit PDF Reader and Editor software running on Windows operating systems.
No reports have yet confirmed active exploitation of these vulnerabilities in the wild, but due to the critical nature of these flaws, users are strongly encouraged to update immediately.
Foxit strongly advises all users of its PDF Reader and Editor software to upgrade to the latest version to mitigate these vulnerabilities.
To update the software, users running Version 2023.1 or higher should open Foxit PDF Reader or Foxit PDF Editor, navigate to the “Help” menu, and select “About Foxit PDF Reader” or “About Foxit PDF Editor.”
From there, they can click on “Check for Update” to install the latest version. For those using Version 13 of Foxit PDF Editor, the process is similar.
Open the application, go to the “Help” menu, select “About Foxit PDF Editor,” and click on “Check for Update.”Alternatively, users can download the updated version directly from Foxit’s official website to ensure they are running the most secure and stable release of the software.
Alternatively, users can download the updated versions directly from Foxit’s official website.
Given the potential for attackers to exploit these vulnerabilities and execute remote code, it is imperative for users to update their Foxit applications immediately. Keeping software current is one of the most effective measures to safeguard against cyber threats.
2024 MITRE ATT&CK Evaluation Results for SMEs & MSPs -> Download Free Guide