Wednesday, January 23, 2013

Critical Vulnerability Patched in Foxit Reader 5.4.5 - Update Now

Foxit Reader If Foxit Reader is your preferred choice to open, view and print PDF files, make sure you’re running the latest version, 5.4.5.

Foxit Software released 5.4.5 following the discovery of a serious vulnerability in the Foxit Reader browser plugin that could allow an attacker to execute arbitrary code on a user’s computer.

A security bulletin posted on the Foxit Software’s website explains, “The vulnerability is caused by a boundary error in the Foxit Reader plugin for web browsers (npFoxitReaderPlugin.dll) when processing a URL and can be exploited to cause a stack-based buffer overflow via an overly long file name in the URL.”

The vulnerability, which was originally found by independent security researcher Andrea Micalizzi, affects Foxit Reader 5.4.4 and earlier.

Users can update to Foxit Reader 5.4.5 by selecting the ‘Check for Updates’ option under the application's Help menu, or by manually downloading and installing the latest update from the Foxit Software website.

Foxit Reader is known to be a safer alternative to Adobe's PDF Reader, which is commonly exploited by attackers. The flaw in Foxit Reader was publicly known for a little more than week before Foxit Software issued the patch.

Do you use Foxit Reader?

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+

No comments:

Post a Comment