Foxit Software has released an update for its Foxit PDF Reader 2024.1 and Foxit PDF Editor 2024.1 for Windows, addressing critical security vulnerabilities that could potentially allow attackers to execute remote code on a user’s system.
The vulnerabilities affected earlier versions of Foxit Reader and Foxit PhantomPDF, specifically version 10.0.0.35798 and earlier for Windows.
The company has acknowledged multiple security issues, including a Heap Buffer Overflow Remote Code Execution vulnerability and a Type Confusion Remote Code Execution vulnerability.
These vulnerabilities were identified by security researchers Steven Seeley of Qihoo 360 Vulcan Team and Rene Freingruber, along with Patrick Wollgast working with Trend Micro Zero Day Initiative.
Foxit PDF Reader Flaws
The Heap Buffer Overflow vulnerability occurs when the application fails to implement a fault-tolerance mechanism while processing corrupted data within an image.
The Type Confusion vulnerability could be exploited when the application incorrectly processes PDF objects without proper validation.
Foxit PDF Editor for Mac (previously named Foxit PhantomPDF Mac) 2023.3.0.63083 and all previous 2023.x versions are affected by the Use-After-Free vulnerability.
Users are recommended to update with Foxit PDF Editor for Mac 2024.1 and Foxit PDF Reader for Mac 2024.1
Foxit has urged users to update their applications to the latest versions to mitigate these risks.
The updates are designed to prevent the exploitation of these vulnerabilities, which could lead to information disclosure or allow attackers to take control of an affected system.
As indicated by previous updates and advisories, the company has a history of addressing security issues in its software.
Foxit emphasizes the importance of updating to the latest software versions and maintaining secure settings, such as enabling Safe Reading Mode, to protect against potential cyber threats.
Following the company’s update instructions, users can obtain the latest versions of Foxit PDF Reader and Foxit PDF Editor.
You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are incredibly harmful, can wreak havoc, and damage your network.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter