Foxit Reader critical security flaw discovered!


foxit reader logoA vulnerability has been discovered in the popular and widely utilized Foxit PDF Reader software; specifically through its browser plug-in which is installed by default in Firefox, Chrome, Opera and Safari.

Ironically, Foxit has always billed itself as the “secure” PDF reader. The vulnerability has been detailed in a Secunia Advisory and, because of its ability to be exploited remotely to gain system access, is rated “Highly Critical”.

Apparently, the Foxit developers have identified the flaw and are currently working on a patch. In the meantime, a Foxit representative has advised all users to avoid the Foxit browser plug-in for Firefox, Chrome, Opera or Safari and suggested using Internet Explorer to view online PDF files instead.

Chaitanya Sharma, advisory team lead at Secunia, offers similar advice… “We have confirmed the vulnerability using Firefox, Opera, and Safari. At the moment the best mitigation is to disable this add-on in browsers and use other software.”

Affected versions: Latest version 5.4.4.1128 – confirmed. Older versions – suspect.

**If you are a Foxit Reader user, you should disable the Foxit plug-in in all affected browsers now! Also, keep an eye out for an updated version which includes the patch and install as soon as available.

About the Author

Jim Hillier

Jim is the resident freeware aficionado at DCT. A computer veteran with 30+ years experience who first started writing about computers and tech back in the days when freeware was actually free. His first computer was a TRS-80 in the 1980s, he progressed through the Commodore series of computers before moving to PCs in the 1990s. Now retired (aka an old geezer), Jim retains his passion for all things tech and still enjoys building and repairing computers for a select clientele... as well as writing for DCT, of course.

There are 7 comments

Comments are closed.