Foxit Reader critical security flaw discovered!


A vulnerability has been discovered in the popular and widely utilized Foxit PDF Reader software; specifically through its browser plug-in which is installed by default in Firefox, Chrome, Opera and Safari.

Ironically, Foxit has always billed itself as the “secure” PDF reader. The vulnerability has been detailed in a Secunia Advisory and, because of its ability to be exploited remotely to gain system access, is rated “Highly Critical”.

Apparently, the Foxit developers have identified the flaw and are currently working on a patch. In the meantime, a Foxit representative has advised all users to avoid the Foxit browser plug-in for Firefox, Chrome, Opera or Safari and suggested using Internet Explorer to view online PDF files instead.

Chaitanya Sharma, advisory team lead at Secunia, offers similar advice… “We have confirmed the vulnerability using Firefox, Opera, and Safari. At the moment the best mitigation is to disable this add-on in browsers and use other software.”

Affected versions: Latest version 5.4.4.1128 – confirmed. Older versions – suspect.

**If you are a Foxit Reader user, you should disable the Foxit plug-in in all affected browsers now! Also, keep an eye out for an updated version which includes the patch and install as soon as available.**
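Before disabling anything it helps to know whether the vulnerable plug-in is actually registered on a machine. The script below is an added example for Windows administrators, not code from the article or from Foxit: it lists the NPAPI plug-in registrations that Firefox, Chrome, Opera and Safari discover through the MozillaPlugins registry keys and flags any Foxit entry whose version is at or below 5.4.4.1128, the build the article names as confirmed affected. It assumes the Foxit plug-in registers itself under those keys and that its ProductName, Description or Path mentions "Foxit"; both are assumptions, so adjust the filter if your installation differs.

```powershell
# Added example (not part of the article): inventory NPAPI plug-in registrations
# under the MozillaPlugins registry keys and flag Foxit entries at or below the
# version the article reports as confirmed affected (5.4.4.1128).
# Assumption: the Foxit plug-in registers under these keys and its
# ProductName/Description/Path contains "Foxit". Older builds are treated as
# affected, matching the article's "older versions - suspect".

$AffectedVersion = [version]'5.4.4.1128'

# Well-known locations scanned by NPAPI-capable browsers on Windows
$PluginRoots = @(
    'HKLM:\SOFTWARE\MozillaPlugins',
    'HKLM:\SOFTWARE\WOW6432Node\MozillaPlugins',
    'HKCU:\SOFTWARE\MozillaPlugins'
)

function Get-NpapiPluginRegistration {
    # Emit one object per registered plug-in, with a parsed version if possible
    foreach ($root in $PluginRoots) {
        if (-not (Test-Path $root)) { continue }
        foreach ($key in Get-ChildItem -Path $root -ErrorAction SilentlyContinue) {
            $p = Get-ItemProperty -Path $key.PSPath
            $ver = $null
            if ($p.Version) { [void][version]::TryParse($p.Version, [ref]$ver) }
            [pscustomobject]@{
                Key         = $key.Name
                ProductName = $p.ProductName
                Description = $p.Description
                Path        = $p.Path
                Version     = $ver
                # A stale registration whose DLL is gone cannot be loaded
                DllPresent  = [bool]($p.Path -and (Test-Path -LiteralPath $p.Path))
            }
        }
    }
}

function Test-FoxitPluginExposure {
    param([version]$Affected = $AffectedVersion)
    Get-NpapiPluginRegistration |
        Where-Object { "$($_.ProductName) $($_.Description) $($_.Path)" -match 'Foxit' } |
        ForEach-Object {
            $status = if ($null -eq $_.Version) { 'UNKNOWN VERSION: treat as suspect' }
                      elseif ($_.Version -le $Affected) { 'AFFECTED: disable the plug-in' }
                      else { 'Newer than the confirmed-affected build' }
            $_ | Add-Member -NotePropertyName Status -NotePropertyValue $status -PassThru
        }
}

Test-FoxitPluginExposure | Format-Table ProductName, Version, DllPresent, Status -AutoSize
```

Chrome's own built-in viewer (pdf.dll inside the Chrome installation directory) is not registered under MozillaPlugins, so it will not appear in this output; that is the expected result, since it is a separate, sandboxed component rather than the Foxit plug-in. An entry with no parseable version is reported as suspect rather than silently skipped, so the check fails closed.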


About the Author

Jim Hillier

Jim is the resident freeware aficionado at DCT. A computer veteran with 30+ years' experience who first started writing about computers and tech back in the days when freeware was actually free. His first computer was a TRS-80 in the 1980s; he progressed through the Commodore series of computers before moving to PCs in the 1990s. Now retired (aka an old geezer), Jim retains his passion for all things tech and still enjoys building and repairing computers for a select clientele... as well as writing for DCT, of course.

7 Comments

  1. Jim – In the Chrome browser, is Foxit the plug-in labeled as “Chrome PDF Viewer”?
    The path shown is > C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll <

    Many Thanks

    • Hi Chuck – I am not a Chrome user so I’m afraid my education there is rather limited. However, here’s how I see it:

      The ‘Chrome PDF Viewer’ plug-in you refer to is actually Chrome’s own built-in viewer and, although it is built using Foxit PDF (SDK), it is not the actual Foxit plug-in. From what I could discover on the net, if this native Chrome plug-in is enabled, it overrides all others. Also, this built-in plug-in is run sandboxed by default which would largely (if not wholly) mitigate the threat.

      In a nutshell, if you are using ‘Chrome PDF Viewer’ in Chrome, you don’t have too much to worry about.

      Cheers… Jim

  2. Have just downloaded the latest version of Foxit reader with the patch applied (545.1141) including the Firefox plugin ver 2.2.3.111. Let’s hope that fixes things!

  3. Jim:
    I’m running Foxit Reader version 6.0.5.0618; is the security flaw still a vulnerability?
    Thanks for the warning,
    Dan

    • No, everything is okay now Dan. Foxit released a patch not long after this article was published, and newer versions (including yours) have fixed the vulnerability.

      Cheers… Jim